charon: Ignore an existing PID file if it references ourself

If a daemon PID file references the process that does the check, it is safe
to ignore it; no running process can have the same PID. While this is rather
unlikely to get restarted with the same PID under normal conditions, it is
quite common when running inside PID namespaced containers: If a container
gets stopped and restarted with a PID file remaining, it is very likely that
the PID namespace assigns the same PID to our service, as they are assigned
sequentially starting from 1.

diff --git a/src/charon/charon.c b/src/charon/charon.c
index f23717034f3986afba5c6fbc3c134ee5bceae371..1d1e623c11c8abe7bc40f4cc61e87202355ae28d 100644 (file)
--- a/src/charon/charon.c
+++ b/src/charon/charon.c
@@ -204,7 +204,7 @@ static bool check_pidfile()
                        }
                        fclose(pidfile);
                        pidfile = NULL;
-                       if (pid && kill(pid, 0) == 0)
+                       if (pid && pid != getpid() && kill(pid, 0) == 0)
                        {
                                DBG1(DBG_DMN, "charon already running ('"PID_FILE"' exists)");
                                return TRUE;