[OpenIndiana-discuss] Advice for building SMF service for non-priviledged processes

Andrew Gabriel illumos at cucumber.demon.co.uk
Sat Jun 18 11:32:29 UTC 2011 

Andrew Gabriel wrote:
> Blake wrote:
>> I am working on an SMF script to allow a non-root user to managed the
>> Unicorn Ruby/Rails application server via SMF. But I'm having problems.
>>
>> We are also using RVM to manage rubies, so I need a way for the method
>> script to simulate an interactive login so that RVM works properly.
>>
>> Any ideas/suggestions much appreciated.
>
> I run mpd (music player daemon) as my userid via SMF.
>
> I use the following start method to emulate enough of my login for it
> to work:

Sorry, Thunderbird lost the formatting. Also, I thought afterwards that
the dependences might be useful for you too, so I'll try again, and include
the whole manifest... (I don't guarantee it's a perfect example)

<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='export'>
 <service name='network/mpd' type='service' version='0'>
   <create_default_instance enabled='true'/>
   <single_instance/>
   <dependency name='mpd_name-services' type='service' grouping='require_all' restart_on='none'>
     <service_fmri value='svc:/milestone/name-services' />
   </dependency>
   <dependency name='mpd_multi-user' type='service' restart_on='none' grouping='require_all'>
     <service_fmri value='svc:/milestone/multi-user'/>
   </dependency>
   <dependency name='mpd_local-fs' type='service' restart_on='none' grouping='require_all'>
     <service_fmri value='svc:/system/filesystem/local:default'/>
   </dependency>
   <dependency name='mpd_remote-fs' type='service' restart_on='none' grouping='require_all'>
     <service_fmri value='svc:/system/filesystem/autofs:default'/>
   </dependency>
   <exec_method name='start' type='method' exec='/opt/local/bin/mpd' timeout_seconds='60'>
       <method_context>
           <method_credential user='andrew' group='staff'
                    privileges='basic' />
           <method_environment>
		<envvar name='HOME' value='/home/andrew' />
	    </method_environment>
       </method_context>
   </exec_method>
   <exec_method name='stop' type='method' exec=':kill' timeout_seconds='20'>
     <method_context/>
   </exec_method>
   <stability value='Unstable'/>
   <template>
     <common_name>
       <loctext xml:lang='C'>Music Player Daemon (mpd)</loctext>
     </common_name>
   </template>
 </service>
</service_bundle>

> You may need to add more envvars for your app, or start it via a shell
> script which does that for you.

-- 
Andrew

More information about the OpenIndiana-discuss mailing list