Bug#945464: /lib/init/init-d-script: stop action: missing --oknodo in s-s-d invocation

Jan Braun janbraun at gmx.de
Mon Nov 25 11:06:51 GMT 2019

Package: sysvinit-utils
Version: 2.96-1
Severity: serious
Justification: Policy 9.3.2.

Dear Maintainer,

The /lib/init/init-d-script errorneously returns failure when asked to
stop a non-running service:

| $ sudo service kxd start ; echo $?
| Starting key exchange daemon: kxd.
| 0
| $ sudo service kxd stop ; echo $?
| Stopping key exchange daemon: kxd.
| 0
| $ sudo service kxd stop ; echo $?
| Stopping key exchange daemon: kxd.
| 1
| $ 

The same behaviour occurs for lvm2-lvmpolld, which uses
/lib/init/init-d-script as well.
That's a violation of Policy 9.3.2.:

> The init.d scripts must ensure that they will behave sensibly [...] if
> invoked with start when the service is already running, or with stop
> when it isn’t [...]. The best way to achieve this is usually to use
> start-stop-daemon with the --oknodo option.

Besides, it triggers failures in dpkg maintainer scripts:

| $ sudo apt-get purge kxd
| Reading package lists... Done
| Building dependency tree
| Reading state information... Done
| The following packages will be REMOVED:
|   kxd*
| 0 upgraded, 0 newly installed, 1 to remove and 176 not upgraded.
| After this operation, 5221 kB disk space will be freed.
| Do you want to continue? [Y/n]
| (Reading database ... 282527 files and directories currently installed.)
| Removing kxd (0.13+git20170730.6182dc8-1) ...
| Stopping key exchange daemon: kxd.
| invoke-rc.d: initscript kxd, action "stop" failed.
| dpkg: error processing package kxd (--remove):
|  installed kxd package pre-removal script subprocess returned error exit status 1
| dpkg: too many errors, stopping
| Errors were encountered while processing:
|  kxd
| Processing was halted because there were too many errors.
| E: Sub-process /usr/bin/dpkg returned an error code (1)
| $ 

And indeed, one call to start-stop-daemon in /lib/init/init-d-script is
missing the --oknodo flag. Namely, the first call in the stop action:

| do_stop_cmd() {
|     start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
|         $STOP_ARGS \
|         ${PIDFILE:+--pidfile ${PIDFILE}} --name ${COMMAND_NAME} --exec $DAEMON
|     RETVAL="$?"
|     [ "$RETVAL" = 2 ] && return 2
|     # Wait for children to finish too if this is a daemon that forks
|     # and if the daemon is only ever run from this initscript.
|     # If the above conditions are not satisfied then add some other code
|     # that waits for the process to drop all resources that could be
|     # needed by services started subsequently.  A last resort is to
|     # sleep for some time.
|     start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
|         $STOP_ARGS \
|         --exec $DAEMON
|     [ "$?" = 2 ] && return 2
|     # Many daemons don't delete their pidfiles when they exit.
|     rm -f $PIDFILE
|     return $RETVAL
| }

Adding --oknodo in line 76 (line 2 in the quote) should fix this bug.

Additionally, I'd like to point out that the calculation of the return
code in this function seems fishy to me: it will always be the return
code of the first s-s-d invocation, unless the second invocation returns
2 (which aiui means "a process survived SIGKILL" in this context).
Wouldn't taking the maximum (or sum) of the two return codes be more

Thank you for maintaining sysvinit.

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (650, 'testing-debug'), (550, 'unstable-debug'), (550, 'unstable'), (10, 'experimental-debug'), (10, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages sysvinit-utils depends on:
ii  init-system-helpers  1.57
ii  libc6                2.29-3
ii  lsb-base             11.1.0
ii  util-linux           2.34-0.1

sysvinit-utils recommends no packages.

sysvinit-utils suggests no packages.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.chiark.greenend.org.uk/pipermail/debian-init-diversity/attachments/20191125/5dd0e42f/attachment.sig>

More information about the Debian-init-diversity mailing list