Opened 10 years ago

Closed 10 years ago

#84 closed defect (wontfix)

cereal's $SUPERVISE_WORLD_ACCESSIBLE is not honored across reboots when `/var/run` is a tmpfs

Reported by: dkg Owned by: jrollins
Priority: major Component: cereal
Keywords: cereal Cc:
Sensitive:

Description (last modified by dkg)

if /etc/default/rcS has this line in it:

RAMRUN=yes

then a tmpfs will be mounted at /var/run at every boot.

The new version of runit actually creates the supervise directories in /var/run.

As of [982], SUPERVISE_WORLD_ACCESSIBLE gets interpreted during cereal-admin start, but this is not sufficient: after a reboot, no one should ever need to invoke cereal-admin start by hand.

This means that a world-readable supervise directory will be set up the first time cereal is started, but then after a reboot, it will be automatically created into the new tmpfs without any setting of modes.

Change History (2)

comment:1 Changed 10 years ago by dkg

  • Description modified (diff)

comment:2 Changed 10 years ago by jrollins

  • Resolution set to wontfix
  • Status changed from new to closed

As of runit 1.8.0-3, update-service will no longer move supervise directories if they are not in /etc to begin with, and since we make all of our service directories in /var/lib/cereal/sessions (including the supervise directories), this is no longer an issue. In point of fact, runit does not use /var/run for supervise directories either, because of this very issue, and instead uses /var/lib/supervise.

Note: See TracTickets for help on using tickets.