Tom Duckering


a web log of my technical stumblings

Chrooted services and pidof failure

I’ve just spent the past hour or so digging into why haproxy was failing to be stopped on one of our CentOS 5 machines. The symptoms were that it was failing to start because there was already an old instance of it listening on the same port. The obligatory socket binding failure error messages where clear there.

The next problem to solve was why could that old instance not be stopped? Reading the /etc/init.d/haproxy script, it was apparent that it wasn’t using a pid file to know what to kill. Instead it was falling back on using the pidof tool to find the pid for the running daemon. Furthermore for some reason, the /etc/rc.d/init.d/functions uses pidof with the -c switch. This switch causes pidof to ignore any process that doesn’t have a matching root. That is, if the daemon has been chrooted then if you’re not under the same chroot, pidof will filter it out.

This was our problem. HAProxy was being chrooted and so the init.d script was unable to find it.

Our temporary fix was to stop haproxy being chrooted. However long term it’d be better to have the init.d script use the processes pid file.

Filed under: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: