start misbehaving deamons as another user than root
Michael Biebl
mbiebl at gmail.com
Sat Jul 14 14:21:20 BST 2007
2007/7/12, Philippe De Swert <philippedeswert at scarlet.be>:
> Hi,
>
> Thanks for the reply!
>
> > > I wondered if there was a way to get upstart to start daemons with another
> > > user than root. This because some daemons don't drop there privileges decently
> > > (or as in my case I need the init system to start them up, but I need them to
> > > be running with user privileges)
> > >
> > > I tried the following in the upstart scripts:
> > >
> > > su -l username -c daemon-command
> > >
> > su -l username -c exec daemon-command
>
> I tried this, unfortunately upstart complains about an unknown stanza, unless
> I put it between *script* and *end script* and then it still fails to work as
> it does not spawn the daemon process. (It does not work from the command line
> either. I also tried with regular commands like ls and the result is the same.)
>
> Anybody has any other ideas. Of course I can start patching upstart to use
> setuid and setgid an then actually launch the application/daemon. Eventually
> support for nice can be added too. Is this a good idea?
I don't think it would be that hard to add this kind of functionality
to upstart directly and it seems to me to be the right solution to
this problem.
Given that we add a uid/gid stanza to the upstart job file format, the
question is, if only the exec command would be started under the given
uid/gid or also the pre/post-start/stop and script sections.
Scott, what's your take on this?
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
More information about the upstart-devel
mailing list