[13:09] hi all [13:10] short q: what would be the correct way to start a service as another user with upstart? I tried this: [13:11] exec su - vbox -c "svscan /home/vbox/services" [13:11] but that creates three processes: [13:11] -- [13:11] vbox 4099 0.0 0.1 2672 1068 ? Ss 13:56 0:00 su - vbox -c svscan /home/vbox/services [13:11] vbox 4179 0.0 0.0 1752 508 ? S 13:56 0:00 -su -c svscan /home/vbox/services [13:11] vbox 4185 0.0 0.0 1708 380 ? S 13:56 0:00 svscan /home/vbox/services [13:11] -- [13:12] couldn't find hints in the docs so far [13:12] How about if you scrap the - and use -c 'exec svscan ...'? (Just guessing here) [13:13] well if I run it by hand I need the - for switching to the correct environment of the user [14:20] not sure why su adds another child there [14:23] well the last pid makes sense [14:23] the other two not IMHO [14:24] exec su -c "exec svscan /home/vbox/services" - vbox [14:24] is the usual way [14:25] letme try that [14:40] ok now I could get rid of one process :) [14:40] looks like this now: [14:41] -- [14:41] vbox 4031 0.0 0.1 2668 1064 ? Ss 15:26 0:00 su -c exec svscan /home/vbox/services - vbox [14:41] vbox 4105 0.0 0.0 1708 380 ? S 15:26 0:00 svscan /home/vbox/services [14:41] -- [14:41] but 4031 still should not stay like this [14:49] are you sure that the 4105 isn't a fork by svscan [14:52] good question, letme try that by hand again [14:58] doesn't seem to fork like this [14:58] so I am pretty sure that's not svscan [15:00] hmm su seems to do that [15:00] but I don't see why [15:00] who knows [15:01] tried without the "-" ? [15:01] will try moment [15:01] it might be because upstart processes are session leaders [15:01] so su makes a new session [15:01] you need to fork to do that [15:01] odd that it keeps the old one around though [15:01] normally the parent would exit [15:02] nope that seems to cause more problems without the - [15:02] then I get even more [15:03] couldn't find any other example of a process that should run under a different user [15:03] anyone got an example how apache would be started like this? [15:04] for example [15:09] usually they do it themselves [15:11] hmm ok [17:06] Keybuk: is running event.d scripts as different users on the roadmap? [17:09] eventually [17:09] there's a small parcel of issues and decisions there though [17:09] e.g. what does "run as a different user" actually mean [17:09] it can mean setuid(), it can mean setuid() and initgroups(), it can mean a full PAM session, it can mean ConsoleKit registration and it can mean a session environment including such things as D-Bus, etc. [17:10] also there's the permission aspect [17:10] e.g. if I jobs are run as my user, should my user have permission to stop and start them? [17:10] therefore if I emit an event, are only my jobs started by it? [17:46] complex, indeed [17:51] keybuk: as an aside, we're running upstart inside xen virtual domains and it works great for that purpose. especially so since the virtual domains are treated like a service - having init be able to handle respawning of things is a huge help [17:51] we're loving upstart :) [17:58] cool === keesj_ is now known as keesj [21:08] Keybuk: how's dbus support comming? [21:57] sadmac2: haven't done much on it recently [21:59] Keybuk: ah. [21:59] ENOTIME [22:00] Keybuk: as soon as that and profiling/flags appears in some form in upstart I'm going to want to build trunk in rawhide so we can gear up for F10. [22:00] (F9 is in final release freeze now) [22:00] *nods* [22:15] once my Meteorology exam is out of the way, I'll probably have more spare time again ;) [22:15] though then I should really concentrate on Navigation [22:15] still aiming for a May release of 0.5 though [22:30] May is good [22:30] still waiting to hear about whether they're sending us to the con. [22:36] Keybuk: https://bugzilla.redhat.com/show_bug.cgi?id=439699 [22:36] ^^I'm a bit stumped by this one. [22:40] Keybuk: cool, you study meteorology?