Solved rc.d + pidfile + ${name}_user = permission errors?



Reaction score: 22
Messages: 83

I'm trying to create an rc.d script for an existing port (games/ioquake3-server), which will allow it to launch at system start, and be managed by the rc system.

This software is "interactive" (opens a console on stdin for control), so I have to launch it using daemon(8) instead to detach and keep it in the background.

I want to use the pidfile variable, to allow rc.subr(8) to track it. And I want to run as "games" user, not root. Here is what I have so far:

# for rc.d usage (c) 2019 Greg Kennedy.
# $FreeBSD$

# PROVIDE: ioq3ded
# KEYWORD: shutdown
# Add the following line to /etc/rc.conf to enable ioq3ded
#  ioq3ded_enable="YES"
#  # optional
#  ioq3ded_data="%%PREFIX%%/share/quake3"
#  ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"
#  ioq3ded_user="games"
#  ioq3ded_group="games"
# Note:
# This script is set to execute server.cfg from the system baseq3
#  folder at launch.  Most server config can be placed there.
# Some options MUST go on command-line and should be placed in
#  "ioq3ded_args" instead - these include "dedicated",
#  "com_hunkmegs", etc.

. /etc/rc.subr


load_rc_config $name
: ${ioq3ded_enable:="NO"}
: ${ioq3ded_data:="%%PREFIX%%/share/quake3"}
: ${ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"}
: ${ioq3ded_user="games"}
: ${ioq3ded_group="games"}


command_args="-c -f -P ${pidfile} %%PREFIX%%/bin/${name} +set fs_basepath ${ioq3ded_data} ${ioq3ded_args}"

run_rc_command "$1"

Now, the problem I am having is that I can't use pidfile="/var/run/${name}.pid" with a non-root user, because only root has write access to /var/run. So, what is the proper place to write the pidfile to? /var/tmp maybe? Should I mkdir a temp folder to store data in while running? I haven't looked at a lot of services that run as non-root user to see what people are doing...

This section of the Handbook suggests modifying the Makefile for the entire port and using install to create correctly permissioned paths, but I am not clear on where that destination path should be.


Son of Beastie

Reaction score: 2,097
Messages: 3,790

So why not create a /var/run/game directory, set the appropriate permission flags and use that to store your pid file? (edit: where 'game' is of course the name of whatever process you want to control).



Reaction score: 22
Messages: 83

I did a bit more searching on the forums and ran across this post:

rc.d daemon not processing command flags

Reply 4 or so mentions using install(1) in ${name}_precmd to set up a folder with the correct permissions. There is a link to the source for databases/influxdb which demonstrates that usage. I think this is exactly what I'll try to do, and stick with /var/run (like you mentioned) as the parent folder. Thanks!

Alain De Vos


Reaction score: 647
Messages: 2,168


    install -d -o ioq3ded  /var/run/ioq3ded/