[Snort-devel] Re: SIGHUP doesn't work

Jeff Nathan jeff at ...835...
Tue Sep 23 11:57:09 EDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You're in luck,

Once upon a time I wrote a shell script that you might enjoy.

http://www.snort.org/dl/contrib/other_tools/snort.server.gz

- -Jeff

On Tuesday, September 23, 2003, at 09:32 AM, Steve G wrote:

>> -HUP works and works just fine
>
> IMHO, it doesn't. Maybe this is a case for capabilities. It won't
> solve the chroot problem, though. Also, now that I look in
> util.c, I see that if you are chroot'ing the daemon, it installs
> a different signal handler.
>
>> So long it's even in the FAQ (6.19).  It's amazing what
>> we hide in there isn't it?  ;-)
>
> Right. I usually look at the man page where it explains the
> signal usage available to an admin.
>
>> Need to HUP it?  Don't use -u -g or -t.
>
> Maybe following the lead of the SigChrootHupHandler is the best
> compromise? If the -u option is present, install an "I can't do
> this" signal handler.
>
> Reviewing the current signal handlers...I see a couple of
> problems . Two of them call some non-reentrant functions. I think
> syslog, fprintf, puts are highly discouraged by the SUS for use
> in signal handlers. It looks like both of those signal handlers
> should be serialized and called from the main event loop.
>
> -Steve Grubb
>
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>

- --
http://cerberus.sourcefire.com/~jeff       (gpg/pgp key id 6923D3FD)
"Great spirits have always encountered violent opposition from
mediocre minds."   - Albert Einstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iD8DBQE/cJdjEqr8+Gkj0/0RAhCiAJ46CaNLKiwxPmOAlpoyhmc6dwW+aACgiF7E
EsVpwqPMbjccIWv61n5nlMc=
=xbrK
-----END PGP SIGNATURE-----





More information about the Snort-devel mailing list