Subject: Re: apcupsd and wall+sendmail
To: David Laight <david@l8s.co.uk>
From: Thierry Lacoste <lacoste@miage.univ-paris12.fr>
List: netbsd-help
Date: 07/14/2007 15:14:37
On Saturday 14 July 2007 14:49, David Laight wrote:
> On Sat, Jul 14, 2007 at 01:26:24PM +0200, Thierry Lacoste wrote:
> > Jul 12 11:42:27 vega /netbsd: set{u,g}id pid 29748 (sendmail) was invoked
> > by uid 0 ppid 1 (init) with fd 1,2 closed
> > Jul 12 11:42:27 vega /netbsd: set{u,g}id pid 2714 (wall) was invoked by
> > uid 0 ppid 1889 (sh) with fd 1,2 closed
> >
> > What do wall and sendmail messages mean?
>
> They are from the kernel. Basically programs and (worse) library code
> are likely to assume that fd 1 and 2 are connected to places they can
> write messages to. If you start a program with them closed, then they
> can be used for 'normal' file opens, and then writes to stdout/stderr
> can appear in the wring place.
> When this happens accidentally [1] is can be hard to debug, but for
> suid programs it could be a security issue.
> The kernel warnings are this suggesting that you fix whatever is
> closing the fds
Thanks David. I suspected something like this but I was not sure as this
does not happen on other BSDs.
> - often best to open /dev/null onto them instead.
Just out of curiosity how would you do that on e.g. the following lines
which are run by apccontrol when power failure is detected?
printf "Power failure. Running on UPS batteries." | wall
/usr/bin/logger -p user.info -t apccontrol "Power failure. Running on UPS
batteries."
Regards,
Thierry.