/srv/irclogs.ubuntu.com/2013/02/27/#upstart.txt

geekbriIs there a way to run a command inside an upstart script as the root user if you are using setuid to run the process as a different user?00:00
geekbriI need to ensure the existence of a pid directory, and the user running the process doesn't have permissions to create the dir00:01
SpamapSgeekbri: unfortunately no, its a known deficiency of setuid/setgid :(00:03
SpamapSgeekbri: for that, you'll want to remove the setuid/setgid and use start-stop-daemon to run the end-command as the user.00:03
geekbriSpamapS: That stink :(.  I want to use setuid and setgid so i can use "limit" to set the ulimits 00:03
SpamapSgeekbri: http://upstart.ubuntu.com/cookbook/#changing-user00:04
SpamapSgeekbri: you can make a second job, that is 'start on starting foo' that does the directory bit00:05
geekbriSpamapS: yeah, I was hoping to avoid that :-\00:05
SpamapSgeekbri: the idea I had is to have the pre-start/exec/script/etc. keywords take optional setuid/setgid args00:05
SpamapSgeekbri: nobody has had time to implement it though00:06
geekbriYeah, it would be nice if you could force a particular script stanza to run as a different user00:06
geekbrithat would solve my problem, and makes perfect sense :)00:06
SpamapSgeekbri: "patches accepted"00:07
geekbriYeah, I haven't looked at the upstart code base at all.  I might be able to whip something up and submit a patch00:07
geekbriAh, wish it was using git :)00:08
geekbriWell thanks for the help.  Not sure how i'll end up dealing with this as i need to set the limits as well and thats a shell built in so can't be called with sudo.  Either way appreciate it00:13
xnoxjodh: does libnih also need malloc removal?12:19
jodhyeah12:19
jodhxnox: want to volunteer? ;)12:20
xnox*sigh*12:20
afournier1woglind, when it returns 1, opkg marks the package as "install user unpacked" instead of "install user installed" that means the postinst failed, that means it will try to launch the postinst everytime opkg configure is launched13:06
afournier1oops wrong channel13:07
=== jeremy is now known as Guest68450
=== Guest68450 is now known as Guest-jeremy
Guest-jeremyHi guys! I googled my query but can't find any answers. I would like to wait a specific amount of time between each respawn of my process. Could upstart even capable of that? 15:08
phroddon http://upstart.ubuntu.com/wiki/Stanzas#respawn_limit15:21
phroddonGuest-jeremy: ^ should do what you want15:21
jodhGuest-jeremy: ... or to actually delay the respawn itself, you could do something like 'post-stop exec sleep 7'.15:24
Guest-jeremythx guys !15:24
Guest-jeremyI think it answer perfectly my issue15:25
geekbriok so if expect fork expects the thing to fork 1, and expect daemon expects it to fork twice, what do i do for a piece of software i have that forks 3 damn times :)18:20
xnoxgeekbri: it's bad software. Why does it do that? =))))18:21
geekbrixnox: I don't know, but its sure not making life easy is it :)18:21
xnoxgeekbri: the best solution is to make it run in foreground and not fork at all.18:21
geekbriYeah, i was hoping to avoid doing that, but I think that is what i will do18:21
xnoxgeekbri: stdout & stderr will be logged into /var/log/upstart/$job.log18:21
xnoxgeekbri: it's actually for the best & most reliable way.18:22
xnoxgeekbri: in autofs5 i patched out pointless forks by moving daemonisation first and made all other forks it performs to be done once it has daemonised already.18:23
xnoxthat way the first fork was the right one to track all all others appeared & disappeared.18:23
xnoxwhat is it doing in those three forks?!18:23
geekbrixnox: I discovered the issue actually.  I'm running the daemon via sudo, so I guess thats causing it to fork an extra time.  I have to do this as I can't use setuid and setgid because I need to create a directory in the startup script, but if i setgid it doesn't have persm to create the directory18:23
xnoxgeekbri: yes sudo adds an extra pointless fork, don't do that.18:24
geekbrihow will i run it as a different user then if i can't use setuid because I need to run commands as a privileged user in the upstart script?18:24
xnoxgeekbri: what directories are you creating? can the be shipped by a package? Also directories can be created in a separate job with stanza task which you can depend on.18:25
xnoxand later you can start/stop/restart your main daemon without worrying about directories, cause they will be there.18:25
geekbrixnox: Was hoping to avoid creating 2 upstart jobs for 1 daemon as that seems like a hacky work around.  I need to ensure the pid directories exist, or else it explodes why trying to run18:25
geekbriLife would be so much easier if you could just specify only certain stanzas to run under setuid :)18:26
xnoxgeekbri: but if you are running it in foreground it shouldn't need any pid directories.....18:26
geekbriright, but, ok the issue here is18:26
SpamapSgeekbri: start-stop-daemon can exec, rather than fork+exec. Why are you using sudo?18:26
geekbriIm working on writing a recipe esentially that runs on multiple platforms and supports multiple job control types, EG upstart / init.d etc18:26
xnoxgeekbri: I am not sure but doesn't setuid only affect script/exec or do they affect pre-start as well?!18:26
geekbriSo I was trying to create an upstart script that would cause the least amount of configuration file changes in the daemon itself18:27
geekbrixnox: setuid and setgid effect everything in the upstart job18:27
xnoxok.18:27
SpamapSxnox: setuid is global18:27
geekbriif you call setuid, no matter if you have something before or after it, the whole script is running as that user18:27
SpamapSxnox: we've talked about having overrides per execution stanza18:27
xnoxgeekbri: I still want to know which dir you are creating though =)18:28
geekbriim creating a directory in /var/run for the daemon18:28
geekbriyes i know if i run it in the foreground it shouldn't need a pid, so i may have to do all of that18:28
geekbriI was just looking for ways to avoid it, as its going to cause a bunch of adding complexity and logic in the configuration file due to upstart18:29
geekbriit looks like, unfortunately, I don't have a choice18:29
geekbrithe pid stanza is to tell upstart where it should store a pid file, not where the pidfile to read would be located correct?18:30
xnoxupstart and pid stanza ?!18:30
geekbrihttp://upstart.ubuntu.com/wiki/Stanzas#pid18:30
xnoxgeekbri: this is obsolete.18:31
xnoxgeekbri: http://upstart.ubuntu.com/cookbook/18:31
xnoxthere is no pid stanza any more.18:31
xnoxas far as I know.18:31
geekbriah ok, must have been deprecated.  That's unfortunate18:32
xnoxesentially none of the software write out pids correctly (together with clearing stales once and when dieing)18:32
xnoxgeekbri: please read the new cookbook I am sure you will be enlighten on how to potentially solve your use case better.18:32
geekbriSounds like the solution is, modify the configuration file when upstart is the job control type so that it does not daemonize18:32
geekbriwhich is what i was trying to avoid, but thats ok.18:33
SpamapSgeekbri: why would running in foreground cause complexity?18:33
SpamapSgeekbri: ahh, it doesn't have a cli option to specify that?18:33
SpamapSwhich .. most things do18:34
geekbriSpamapS: the complexity doesn't lie within configuring this thing to run with upstart so much as I am writing somethign that allows selection of the job control type (EG, upstart / initd / runit / monit) 18:34
geekbriso I was attempting to try and keep the majority of the configuration changes necessary for that in the startup scripts themselves, and out of the configuraiton of the daemon itself18:34
SpamapSyeah, thats what cli options are for18:35
geekbriyeah, and I could move them out from the conf file to the CLI18:35
SpamapSexec yourthing --foreground is pretty darn clear and simple18:35
geekbriim not sure if the cli options override was in the config file, thats a good question, lets find out.18:36
SpamapSalways should18:37
SpamapSdefaults -> conffile -> cli -> runtime .. that should be how things are set18:37
geekbrihow things should work and how they do work, well18:40
geekbrinot always 1:118:40
SpamapSaye18:46
geekbriOk, one last question here.18:59
geekbrioh nevermind maybe i solved it19:00

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!