On 12/13/20 8:32 PM, Theo de Raadt wrote:
> If a pflogd dies because of a bug, the pid listed in the file may be reused, and then your kill `cat pidfile` will kill the incorrect process.

I understand your concern, but as written before, I am not asking to drop pkill support.

How about adding a static -uuid <myuuid> option to the pflogd command line (instead of "-p /var/run/pflogd.pid"), to be shown in the process list as well? Of course pflogd should ignore this uuid option. Its only purpose is to support pkill/pgrep. This would be a much more reliable and easy to use search pattern for pkill/pgrep than the executable name or the interface name.

Regards
Harri
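
An added example, not part of the original message and not pflogd code: it combines the two ideas in this thread by signalling the pid read from a pidfile only when that process carries an expected tag in its argument vector, so a reused pid is left alone. The `--uuid=` argument, the pidfile name and the helper names are assumptions, and the sleeper processes are constructed stand-ins for a daemon and for an unrelated process.

```python
import os, signal, subprocess, sys, tempfile

def argv_of(pid):
    """Return the argument vector of pid, or [] if it cannot be read."""
    if os.path.exists("/proc/self/cmdline"):            # Linux-style procfs
        try:
            with open(f"/proc/{pid}/cmdline", "rb") as f:
                raw = f.read()
        except OSError:
            return []
        return [a.decode(errors="replace") for a in raw.split(b"\0") if a]
    # Systems without that procfs layout: ask ps for the argument list.
    out = subprocess.run(["ps", "-o", "args=", "-p", str(pid)],
                         capture_output=True, text=True).stdout
    return out.split()

def signal_if_tagged(pidfile, tag, sig=signal.SIGTERM):
    """Signal the pid in pidfile only if tag is one of its arguments."""
    try:
        with open(pidfile) as f:
            pid = int(f.read().strip())
    except (OSError, ValueError):
        return False
    if tag not in argv_of(pid):      # stale pidfile or reused pid: do nothing
        return False
    try:
        # A short window remains between the check and the kill; the tag
        # check narrows the pid-reuse problem, it does not remove it.
        os.kill(pid, sig)
    except ProcessLookupError:
        return False
    return True

def demo():
    tag = "--uuid=00000000-0000-4000-8000-000000000001"   # constructed value
    sleeper = [sys.executable, "-c", "import time; time.sleep(60)"]
    tagged = subprocess.Popen(sleeper + [tag])   # stand-in for the daemon
    other = subprocess.Popen(sleeper)            # stand-in for a pid reuser
    with tempfile.TemporaryDirectory() as d:
        pidfile = os.path.join(d, "daemon.pid")  # hypothetical pidfile
        with open(pidfile, "w") as f:
            f.write(str(tagged.pid))
        hit = signal_if_tagged(pidfile, tag)     # right process: signalled
        tagged.wait()
        with open(pidfile, "w") as f:            # simulate a reused pid
            f.write(str(other.pid))
        miss = signal_if_tagged(pidfile, tag)    # wrong process: refused
        survived = other.poll() is None
    other.kill()
    other.wait()
    return hit, miss, survived

if __name__ == "__main__":
    print(demo())
```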