Ok probably I'm missing something and it's my fault however I can't figure it out right now ;). Here's the problem, with my /etc/init.d/snort and /etc/init.d/firewall scripts I get this error randomly at midnight, here's some entry from my messages: Apr 29 00:00:01 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... May 1 00:00:01 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 23 00:00:01 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 24 00:00:01 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 24 00:00:03 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 24 00:00:03 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 27 00:00:02 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 27 00:00:02 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 27 00:00:02 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 15 00:00:02 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 15 00:00:02 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 15 00:00:03 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 16 00:00:02 rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing... Apr 19 00:00:02 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Apr 20 00:00:03 rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... Here's the related crontab entry: 0 0 * * * /etc/init.d/snort stop > /dev/null 2> /dev/null ; /etc/init.d/snort start > /dev/null 2> /dev/null 0 * * * * /etc/init.d/firewall acct > /dev/null 2> /dev/null ; /etc/init.d/firewall stop > /dev/null 2> /dev/null ; /etc/init.d/firewall start > /dev/null 2> /dev/null (Notice that /etc/init.d/firewall is executed every hour, however only at midnight the syntax error occurs) The scripts are /etc/init.d/snort and /etc/init.d/snort (perms: root.root 700) snort: #!/sbin/runscript depend() { need net } start() { for i in `ls /var/log/snort/snort.log*` ; do mv $i /var/log/snort/year-2003/ ; done ebegin "Starting IDS" /usr/sbin/snort -c /etc/snort/snort.conf -D -b -d -i eth1 -l /var/log/snort > /dev/null 2> /dev/null eend $? } stop() { ebegin "Stopping IDS" kill `cat /var/run/snort_eth1.pid` eend $? } firewall: #!/sbin/runscript opts="${opts} log lock status acct acct_mail acct_reset" depend() { need net } start() { ebegin "Starting Firewall" .....(lot of rules ;) ) eend $? } log() { echo -e "\033[1;31mWARNING\033[0m: Press CTRL-C if you haven't already start the firewall..." echo "otherwise press a key..." read ebegin "Enabling Logging" .....(lot of rules ;) ) eend $? } lock() { echo -e "\033[1;31mWARNING\033[0m: This will lock our network, press a key to continue..." read ebegin "Locking system" .....(lot of rules ;) ) eend $? } stop() { ebegin "Shutting down Firewall" .....(lot of rules ;) ) eend $? } status () { /sbin/iptables -L -n eend $? } ... and so on (there are the acct acct_mail acct_reset entries, nothing special some 'for i in...' stuff that I've cutted out for brevity) What it can be? Thanks :)
They seem fine. Another possibility is a /mnt/.init.d/ or /var/lib/init.d/ with no write access or no space.
/mnt/.init.d looks fine # ls -l /mnt/.init.d drw-r--r-- 12 root root 0 May 14 08:45 .init.d # df -h|grep init.d tmpfs 2.0M 20K 2.0M 1% /mnt/.init.d And I don't beleive that the simultaneous execution of two 'start stop' on init script can cause it to fill 2.0M. # ls -l /etc/init.d/firewall -rwxr-x--- 1 root root 14636 Mar 5 10:14 /etc/init.d/firewall # ls -l /etc/init.d/snort -rwxr-x--- 1 root root 379 Jan 4 11:18 /etc/init.d/snort I've changed the crontab so that /etc/init.d/snort stop ..start it's executed at 00:01 and /etc/init.d/firewall stop .. start at 00:00. Let's if something change. By the way that's really odd!! :) messages:May 12 00:00:02 sole rc-scripts: ERROR: "/etc/init.d/snort" has syntax errors in it; not executing... messages:May 12 00:00:02 sole rc-scripts: ERROR: "/etc/init.d/firewall" has syntax errors in it; not executing...
Bleh, right. I did fix this in baselayout-1.8.6.7 (or maybe cvs), to have wrap_rcscript() look like this: -------------------------------------------------------- wrap_rcscript() { local retval=1 local myservice="${1##*/}" ( echo "function test_script() {" ; cat "$1"; echo "}" ) \ > "${svcdir}/${myservice}-$$" if source "${svcdir}/${myservice}-$$" &> /dev/null then test_script &> /dev/null retval=0 fi rm -f "${svcdir}/${myservice}-$$" return "${retval}" } ----------------------------------------- Could you change /sbin/functions.sh to this, and have a look again ? Thanks.
Ok, now I'm seeing were the problem were. I've made the change and I'll report if this happens again, however I'm 100% sure that now will work. I'll let you know anyway. I strongly suggest that this patch goes in to a stable baselayout update. thanks
Ok, the problem is solved for me. I am closing this bug, however the current baselayout is affected by this so the patch must be used. Bye
