[Snort-devel] Re: SIGHUP doesn't work

Steve G linux_4ever at ...398...
Tue Sep 23 06:33:22 EDT 2003


>-HUP works and works just fine

IMHO, it doesn't. Maybe this is a case for capabilities. It won't
solve the chroot problem, though. Also, now that I look in
util.c, I see that if you are chroot'ing the daemon, it installs
a different signal handler.

>So long it's even in the FAQ (6.19).  It's amazing what 
>we hide in there isn't it?  ;-)

Right. I usually look at the man page where it explains the
signal usage available to an admin.

>Need to HUP it?  Don't use -u -g or -t.

Maybe following the lead of the SigChrootHupHandler is the best
compromise? If the -u option is present, install an "I can't do
this" signal handler.

Reviewing the current signal handlers...I see a couple of
problems . Two of them call some non-reentrant functions. I think
syslog, fprintf, puts are highly discouraged by the SUS for use
in signal handlers. It looks like both of those signal handlers
should be serialized and called from the main event loop.

-Steve Grubb

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com




More information about the Snort-devel mailing list