Skip to content

Make laurel reload its configuration or re-exec via signal #133

New issue
New issue
Closed
Closed
Make laurel reload its configuration or re-exec via signal#133
Assignees
hillu
Milestone
 
0.7 release
@hillu

Description

@hillu
hillu
opened on Jan 30, 2023

The corrent deployment or update mode relies on auditd stopping/restarting laurel. This has a few shortcomings:

  • If laurel has crashed too often, auditd will not restart it even if the binary has changed.
  • The workaround, restarting auditd, means that messages will be lost. (This is probably the main reason whssy RHEL systems forbid auditd to be restarted though systemd mechanisms.)
  • Multi-message events may be split into a pre-restart and post-restart portion.
  • State (process table including labels) is lost across restart.

To overcome those shortcomings, the following features should be implemented:

  • Signal handler
  • Dump state to file (on disk or memfd). This file should contain in-flight messages, shadow process table, current configuration.
  • Re-exec,
  • passing the file descriptor to the new process.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions