I am trying to write a daemon in perl that “watches” a directory (using perl-linux-Inotify2).
I have written the script and am satisfied with it. I would like this to automatically start at boot and cleanly be started and stopped with an rc like command. I was able to put something together using Cool Solutions: Creating Custom init Scripts.
However, I would like this script to run under an unprivileged daemon account (as many other daemons do). I don’t know many options here. If I use sudo within the script, it spawns a new process and this is not cleaned up by the rc scripts. The setuid bit won’t work because it is a script instead of a binary file, so this won’t run as my unprivileged user.
Any ideas? Should I just write this program in C, compile it, and use the setuid bit?
Assuming you are using the CS exactly you are using startproc and
killproc, presumably. Thankfully, those are good commands.
man startproc
-u user
Sets the user ID of the process to user.
There ya go.
Good luck.
pwright2 wrote:
> I am trying to write a daemon in perl that “watches” a directory (using
> perl-linux-Inotify2).
>
> I have written the script and am satisfied with it. I would like this
> to automatically start at boot and cleanly be started and stopped with
> an rc like command. I was able to put something together using ‘Cool
> Solutions: Creating Custom init Scripts’
> (http://www.novell.com/coolsolutions/feature/15380.html).
>
> However, I would like this script to run under an unprivileged daemon
> account (as many other daemons do). I don’t know many options here. If I
> use sudo within the script, it spawns a new process and this is not
> cleaned up by the rc scripts. The setuid bit won’t work because it is a
> script instead of a binary file, so this won’t run as my unprivileged
> user.
>
> Any ideas? Should I just write this program in C, compile it, and use
> the setuid bit?
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
Write a C wrapper to start (and stop) the process. There’s an example of a small C wrapper for a Perl script in the camel book. The compiled C wrapper may, of course, have the setuid bit set.