[systemd-devel] forking PIDFile question
Jonathan de Boyne Pollard
J.deBoynePollard-newsgroups at NTLWorld.COM
Wed Feb 21 06:31:23 UTC 2018
steve at goodey.org:
> [Service]
>
> Type=forking
>
Your program has an -f option to stop it from vainly trying to
re-daemonize itself. Use it; and do not use Type=forking in the first
place.
*
http://jdebp.eu./FGA/unix-daemon-design-mistakes-to-avoid.html#DoNotBackgroundise
The supplied systemd service unit that comes packaged by Ubuntu/Debian
does this. You can ignore its use of -s 1 , as systemd will log the
program's standard output and -s 0 will do quite well.
*
https://sources.debian.org/src/lcdproc/0.5.9-2/debian/lcdproc.LCDd.service/
steve at goodey.org:
>
> [server]
>
> User=nobody
Also, do not abuse nobody for dæmons. Use a dedicated unprivileged user
account, such as (for example) lcdproc. Name the unprivileged user
account in the service unit in a User= setting, and using filesystem
ACLs or otherwise grant it nothing except the permission to open
/dev/ttyUSB0 for writing and to open the configuration file for reading.
* http://jdebp.eu./FGA/dont-abuse-nobody-for-daemons.html
Currently, you are running your program as the superuser with a
configuration file owned by an unprivileged user. This is a backdoor
into your system, as anyone who compromises that unprivileged user
account (which is the one that you run your WWW browser as, and that you
use to run software build systems and other programs downloaded from
other people that you do not know, ne?) can rewrite the configuration
file and thereby persuade a superuser-privileged process to open an
arbitrary file and write stuff (which it does before it attempts to
detect whether it is running as the superuser).
More information about the systemd-devel
mailing list