| ktk | hi all | 13:09 |
|---|---|---|
| ktk | short q: what would be the correct way to start a service as another user with upstart? I tried this: | 13:10 |
| ktk | exec su - vbox -c "svscan /home/vbox/services" | 13:11 |
| ktk | but that creates three processes: | 13:11 |
| ktk | -- | 13:11 |
| ktk | vbox 4099 0.0 0.1 2672 1068 ? Ss 13:56 0:00 su - vbox -c svscan /home/vbox/services | 13:11 |
| ktk | vbox 4179 0.0 0.0 1752 508 ? S 13:56 0:00 -su -c svscan /home/vbox/services | 13:11 |
| ktk | vbox 4185 0.0 0.0 1708 380 ? S 13:56 0:00 svscan /home/vbox/services | 13:11 |
| ktk | -- | 13:11 |
| ktk | couldn't find hints in the docs so far | 13:12 |
| ion_ | How about if you scrap the - and use -c 'exec svscan ...'? (Just guessing here) | 13:12 |
| ktk | well if I run it by hand I need the - for switching to the correct environment of the user | 13:13 |
| Keybuk | not sure why su adds another child there | 14:20 |
| ktk | well the last pid makes sense | 14:23 |
| ktk | the other two not IMHO | 14:23 |
| Keybuk | exec su -c "exec svscan /home/vbox/services" - vbox | 14:24 |
| Keybuk | is the usual way | 14:24 |
| ktk | letme try that | 14:25 |
| ktk | ok now I could get rid of one process :) | 14:40 |
| ktk | looks like this now: | 14:40 |
| ktk | -- | 14:41 |
| ktk | vbox 4031 0.0 0.1 2668 1064 ? Ss 15:26 0:00 su -c exec svscan /home/vbox/services - vbox | 14:41 |
| ktk | vbox 4105 0.0 0.0 1708 380 ? S 15:26 0:00 svscan /home/vbox/services | 14:41 |
| ktk | -- | 14:41 |
| ktk | but 4031 still should not stay like this | 14:41 |
| Keybuk | are you sure that the 4105 isn't a fork by svscan | 14:49 |
| ktk | good question, letme try that by hand again | 14:52 |
| ktk | doesn't seem to fork like this | 14:58 |
| ktk | so I am pretty sure that's not svscan | 14:58 |
| ktk | hmm su seems to do that | 15:00 |
| ktk | but I don't see why | 15:00 |
| Keybuk | who knows | 15:00 |
| Keybuk | tried without the "-" ? | 15:01 |
| ktk | will try moment | 15:01 |
| Keybuk | it might be because upstart processes are session leaders | 15:01 |
| Keybuk | so su makes a new session | 15:01 |
| Keybuk | you need to fork to do that | 15:01 |
| Keybuk | odd that it keeps the old one around though | 15:01 |
| Keybuk | normally the parent would exit | 15:01 |
| ktk | nope that seems to cause more problems without the - | 15:02 |
| ktk | then I get even more | 15:02 |
| ktk | couldn't find any other example of a process that should run under a different user | 15:03 |
| ktk | anyone got an example how apache would be started like this? | 15:03 |
| ktk | for example | 15:04 |
| Keybuk | usually they do it themselves | 15:09 |
| ktk | hmm ok | 15:11 |
| brendan_ | Keybuk: is running event.d scripts as different users on the roadmap? | 17:06 |
| Keybuk | eventually | 17:09 |
| Keybuk | there's a small parcel of issues and decisions there though | 17:09 |
| Keybuk | e.g. what does "run as a different user" actually mean | 17:09 |
| Keybuk | it can mean setuid(), it can mean setuid() and initgroups(), it can mean a full PAM session, it can mean ConsoleKit registration and it can mean a session environment including such things as D-Bus, etc. | 17:09 |
| Keybuk | also there's the permission aspect | 17:10 |
| Keybuk | e.g. if I jobs are run as my user, should my user have permission to stop and start them? | 17:10 |
| Keybuk | therefore if I emit an event, are only my jobs started by it? | 17:10 |
| brendan_ | complex, indeed | 17:46 |
| brendan_ | keybuk: as an aside, we're running upstart inside xen virtual domains and it works great for that purpose. especially so since the virtual domains are treated like a service - having init be able to handle respawning of things is a huge help | 17:51 |
| brendan_ | we're loving upstart :) | 17:51 |
| Keybuk | cool | 17:58 |
| === keesj_ is now known as keesj | ||
| sadmac2 | Keybuk: how's dbus support comming? | 21:08 |
| Keybuk | sadmac2: haven't done much on it recently | 21:57 |
| sadmac2 | Keybuk: ah. | 21:59 |
| Keybuk | ENOTIME | 21:59 |
| sadmac2 | Keybuk: as soon as that and profiling/flags appears in some form in upstart I'm going to want to build trunk in rawhide so we can gear up for F10. | 22:00 |
| sadmac2 | (F9 is in final release freeze now) | 22:00 |
| Keybuk | *nods* | 22:00 |
| Keybuk | once my Meteorology exam is out of the way, I'll probably have more spare time again ;) | 22:15 |
| Keybuk | though then I should really concentrate on Navigation | 22:15 |
| Keybuk | still aiming for a May release of 0.5 though | 22:15 |
| sadmac2 | May is good | 22:30 |
| sadmac2 | still waiting to hear about whether they're sending us to the con. | 22:30 |
| sadmac2 | Keybuk: https://bugzilla.redhat.com/show_bug.cgi?id=439699 | 22:36 |
| sadmac2 | ^^I'm a bit stumped by this one. | 22:36 |
| jdong | Keybuk: cool, you study meteorology? | 22:40 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!