| crazy2be | Is there some way that i can get upstart to run a task with a certain username/userid? Or is there another tool that is better suited to that task? | 02:03 |
|---|---|---|
| crazy2be | My server is written in golang, and i want to sandbox it somewhat in case there are vulnerabilities in my code (or the runtime!) | 02:04 |
| ashb | crazy2be: sudo/su | 02:04 |
| ashb | exec sudo -u me bash -c "command goes here" has always been how i've done it | 02:04 |
| crazy2be | what happens when you run those as root? Never done that... I'll give it a try | 02:04 |
| crazy2be | btw, thanks for this great utility! | 02:05 |
| crazy2be | ubuntu is working great for my server | 02:07 |
| crazy2be | even if it's the desktop edition :P server edition wouldn't work with my hardware | 02:07 |
| === robins is now known as robinsmidsrod | ||
| ashb | hmmmm should upstart not have a dep on dbus? | 23:10 |
| ashb | status: Unable to connect to system bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory | 23:10 |
| ion | Run the command as root | 23:12 |
| ion | The daemon is optional. It’s only needed for non-root access. | 23:13 |
| ashb | ah | 23:13 |
| ashb | ah yes. | 23:13 |
| ashb | what should I do if i want to send a USR2 signal to a job | 23:13 |
| ashb | use a clasic init script that wraps initctl to do everything else? | 23:13 |
| ion | Something like killed=false; eval "$(LC_ALL=C initctl status tty6 | sed -nre 's/.* process ([0-9]+).*/kill -USR2 \1; killed=true/p')" | 23:15 |
| ashb | where? (is there a better place than an init.d script? | 23:16 |
| ion | What’s the USR2 for? If reloading config or something like that, alas, currently the signal for reload is not configurable. | 23:17 |
| ashb | kinda yeah - its to make the unicorn (ruby webserver) spawn a new master and kill the old one seamlessly | 23:18 |
| ion | I take it Unicorn can’t be configured to do that on SIGHUP? | 23:18 |
| ashb | sighup would work if i didn't want seamless | 23:19 |
| ashb | that makes it kill all its children then start again, but doesn't workj when you load app before forking the workers | 23:19 |
| ion | And that’s not configurable? | 23:19 |
| ashb | nope | 23:19 |
| ion | There might be no pretty solution until the signal sent by reload becomes configurable. | 23:21 |
| ashb | k | 23:37 |
| === ion_ is now known as ion | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!