ctdb-scripts: ctdbd_wrapper should never remove the PID file

kill_ctdbd() kills the daemon and then removes the PID file.  This is
racy because a new daemon could write a new PID file in between the
kill and the removal.  Reversing these steps would be an improvement.

However, none of the places where kill_ctdbd() is called is a safe
place to remove the PID file.  There is always a chance that a new
daemon could start, write a new PID file and then kill_ctdbd() could
remove the new PID file.

ctdbd is able to overwrite a stale PID file by checking to see if it
is locked.

Therefore, entirely drop removal of the PID file from ctdbd_wrapper.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12287

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/ctdb/config/ctdbd_wrapper b/ctdb/config/ctdbd_wrapper
index cdf030499d3adfc51e3fc23fbb0bf73a70cd461c..bfc91f7b644780c119a7ba414f9a1b2403a48c0f 100755 (executable)
--- a/ctdb/config/ctdbd_wrapper
+++ b/ctdb/config/ctdbd_wrapper
@@ -185,7 +185,6 @@ kill_ctdbd ()
 
     if [ -n "$_session" ] ; then
        pkill -9 -s "$_session" 2>/dev/null
-       rm -f "$pidfile"
     fi
 }