/srv/irclogs.ubuntu.com/2010/01/20/#upstart.txt

=== pocek_ is now known as pocek
* ajb`` suspects what he's trying to do won't be possible with 0.3.914:10
=== ev1 is now known as ev
sadmac2ajb``: I don't entirely understand the question14:20
ajb``sadmac2: I want to use upstarts respawn directive to ensure the daemon is restarted if it crashes.14:52
ajb``sadmac2: However if I want the daemon to pick up defaults from /etc/defaults/daemonname I need to use a script to start it14:53
ajb``That doesn't seem to work, at least on 0.3.9 respawn can only deal with a direct exec as otherwise upstart looses track of the daemons pid14:54
ionscript14:55
ion  . /etc/defaults/foo14:55
ion  exec program args14:55
ionend script14:55
ionMake sure program doesn’t fork, that’s all.14:55
ajb``I tried that, but it didn't seem to work14:55
* ajb`` tries again14:56
ajb``:-) it works now.. I must of had a subtly broken config before (probably experimenting with the daemon/fork directives)15:00
ajb``ion: thanks15:00
ajb``I'm guessing Hardy doesn't have any debhelper scripts for packaging things in /etc/event.d?15:01
ionIt doesn’t.15:01
ajb``Is there any support for spawning processes under another uid? Or is that behaviour expected to be handled by the daemons themselves?17:11
sadmac2ajb``: there isn't yet. Upstart is poised to grow some very elaborate permissions stuff, so Scott didn't want to offer you a "wrong way of doing things."17:12
ajb``Hmm, I shall have to solve the problem another way for now then....17:24
ajb``I'm guessing post-start scripts have no gaurentee the daemon has run? Can the wait?17:27
ajb``s/the/the post-start script/17:29
sadmac2ajb``: if the daemon fails then the post-start shouldn't run17:35
mbiebl ajb``: I guess you just use su -c for now17:36
ajb``sadmac2: I want to be sure the daemon has created it's socket before tweaking it's permissions17:39
sadmac2ajb``: that makes no sense from a security standpoint17:39
sadmac2ajb``: you want to make sure the daemon has an opportunity to do things before you worry about it doing bad things?17:40
ajb``sadmac2: least bad option, I can't do su -c ${DAEMON} as that confuses upstart's process tracking17:42
ajb``as forks will have happened17:43
ajb``So option 2, allow the daemon to run as root but tweak it's comms socket to be group writable to the the things that need to talk to it17:43
sadmac2ajb``: su is not /supposed/ to fork I think. haven't figured out why it does17:43
sadmac2ion: where is scott these days?17:44
ajb``sadmac2: doesn't su always imply a shell getting invoked at some point?17:44
ajb``http://pastebin.com/m74d9c60e17:47
ionsadmac: He had a vacation last week, but he’s been active in Launchpad this week. Dunno why he’s not here.17:48
ajb``Short of patching the daemon (rrdcached btw) to be a suid binary I think a chgrp/chmod of the socket is the easiest way for now17:49
ajb``When we move our product to the next LTS (assuming upstart has the new permission stuff) I can look at making it neater17:50
ajb``Anyway thanks for the help, have to head off now17:50
mbieblion, sadmac2: I think Scott's at LCA17:56
mbieblhttp://www.lca2010.org.nz/programme/schedule/monday17:57
ionAh18:02
=== robbiew is now known as robbiew-afk
sadmac2mbiebl: that'd do it19:18
=== robbiew-afk is now known as robbiew

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!