Starting a service daemon @reboot not using root user 1

[sillyVM]

Dear all linux gurus,
I have a program called pandora_agent_daemon installed,in
/opt/pandora_agent/pandora_agent_daemon
The only way I can execute it is using "./pandora_agent_daemon start" under user 'pandora'
I would like to have this daemon started automatically everytime server (RHEL4.0) starts.
But I can't put it in rc3.d links or rc.local. Since that will promote it run under roots. right?
Is there any way to make it work? Any help would be appreciated it. Thank you all very much for sharing your intellect.

 

[Annihilannic]

Put a script in rc3.d as usual, and in that script just do:

[tt]su - pandora -c '
cd /opt/pandora_agent/pandora_agent_daemon
./pandora_agent_daemon start
'[/tt]

Annihilannic.

 

[sillyVM]

now i have put this in rc3.d links
lrwxrwxrwx 1 root root 38 May 9 15:19 S81pandoraa_agent -> /opt/pandora_agent/pandora_agent_start

and vi S81pandora_agent
here's whats inside
su - pandora -c '
cd /opt/pandora_agent/
./pandora_agent_daemon start
'

i tested by executeding this ./pandora_agent_start under 'root' it worked. but when i reboot the system it won't start back up

 

[sillyVM]

any where i can look at the debug info from the reboot?
also why do i have to use ./ to execute. and on some other linux like debian i don't?

 

[QatQat]

Have you looked at SUID?

not the safest but it does the job.


chmod o+s pandora_agent_daemon

QaTQat


If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!

 

[sillyVM]

hey Qat
can you be more specific? file permissions? I can execute it just fine.
I did chmod o+s, but i don't notice any changes what does it do anyway.


[root@px pandora_agent]# ls -la
-rwxr-xr-x 1 pandora 1000 1570 May 8 09:24 pandora_agent_daemon
[root@px pandora_agent]# chmod o+s pandora_agent_daemon
[root@px pandora_agent]# ls -la
-rwxr-xr-x 1 pandora 1000 1570 May 8 09:24 pandora_agent_daemon

 

[Annihilannic]

You would want to use chmod u+s instead.

To debug the startup script either just keep a close eye on the console while the system is booting, or check /var/log/boot.log, which may or may not be there depending on your Linux distribution.

Annihilannic.

 

[sillyVM]

now it is indeed:
-rwsrwxr-x 1 pandora pandora 81 May 9 15:11 pandora_agent_start
with pandora_agent_start in red...err? usually means it's broken right?

 

[Annihilannic]

Personally I would try and avoid using the SUID method unless you absolutely have to...

I'm not sure about the red colour, it really depends on how the colours are defined in your environment. For symbolic links red usually means a broken link, yes.

Annihilannic.

 

[sillyVM]

Yeah, but it's not only the link is broken. The .sh file is red too. >.<
I used chmod o+s to change it back, but it's still red. But the script again didn't execute successfully during boot. I don't know why. It didn't give any thing mentioned the script i executed in "boot.log".

 

[Annihilannic]

Try changing it to this:

#!/bin/sh

exec 1> /tmp/pandora_startup.log 2>&1

set -x 

su - pandora -c '
    cd /opt/pandora_agent/
    ./pandora_agent_daemon start
'

And then check the contents of /tmp/pandora_startup.log after rebooting.

Annihilannic.

 

[sillyVM]

NICE I found out the process was running before I executed the script, maybe shutdown uncleanly? But I added this, and everything works now!! You are the best, Thanks*1000^2

su - pandora -c '
cd /opt/pandora_agent/
./pandora_agent_daemon stop
./pandora_agent_daemon start
'

 

[QatQat]

sorry about the typo.

I agree that SUID is not safe, as I mentioned above and as Annihilannic reinforced but sometimes it makes you life easier. Also remember that a lot of linux commands have SUID by default.(example /usr/bin/passwd)

Being marked red is the normal behavior for files that have SETUID enabled.

To change it back

chmod u-s pandora_agent_daemon

QatQat

If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!

 

[sillyVM]

I see, Thanks much, now i got rid of the red highlight.