| Cameron Simpson wrote:
| Or, more simply, get root to make an empty pid file once and chown it to
| the daemon user. Then the daemon can rewrite the file as needed. You need
| to move to truncating the file instead of removing it on daemon shutdown,
| but that is trivial. And no mucking with privileges, like starting the
| daemon as root instead of directly as the daemon user, need be done.
|
| Although the file locking that I described is happening during boot (which I
| did not make clear), so I believe that the user is root already.
| Accordingly, I need to drop privileges to a user anyway. Still, I like
| your suggestion, so I'll remember it for another occasion.
Even during boot I tend to do this if its feasible, eg:
# boot script, running as root
>/var/run/thing.pidchown thingdaemon /var/run/thing.pid
su thingdaemon -c 'start the daemon...'
It avoids a lot of privilege code inside the daemon (presuming it doesn't
need to do other privileged anyway). i.e. have the daemon be "just a
tool" if possible.
Cheers,
--
Cameron Simpson <cs@zip.com.auDoD#743
http://www.cskk.ezoshosting.com/cs/