rc.d + pidfile + ${name}_user = permission errors?

Hornpipe2

Member

Reaction score: 22
Messages: 80

I'm trying to create an rc.d script for an existing port (games/ioquake3-server), which will allow it to launch at system start, and be managed by the rc system.

This software is "interactive" (opens a console on stdin for control), so I have to launch it using daemon(8) instead to detach and keep it in the background.

I want to use the pidfile variable, to allow rc.subr(8) to track it. And I want to run as "games" user, not root. Here is what I have so far:

Bash:
#!/bin/sh
#
# ioq3ded.in for rc.d usage (c) 2019 Greg Kennedy.
# $FreeBSD$

# PROVIDE: ioq3ded
# REQUIRE: DAEMON
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable ioq3ded
#
#  ioq3ded_enable="YES"
#  # optional
#  ioq3ded_data="%%PREFIX%%/share/quake3"
#  ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"
#  ioq3ded_user="games"
#  ioq3ded_group="games"
#
# Note:
# This script is set to execute server.cfg from the system baseq3
#  folder at launch.  Most server config can be placed there.
# Some options MUST go on command-line and should be placed in
#  "ioq3ded_args" instead - these include "dedicated",
#  "com_hunkmegs", etc.

. /etc/rc.subr

name=ioq3ded
rcvar=ioq3ded_enable

load_rc_config $name
: ${ioq3ded_enable:="NO"}
: ${ioq3ded_data:="%%PREFIX%%/share/quake3"}
: ${ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"}
: ${ioq3ded_user="games"}
: ${ioq3ded_group="games"}

pidfile="/var/run/${name}.pid"

command="/usr/sbin/daemon"
command_args="-c -f -P ${pidfile} %%PREFIX%%/bin/${name} +set fs_basepath ${ioq3ded_data} ${ioq3ded_args}"

run_rc_command "$1"
Now, the problem I am having is that I can't use pidfile="/var/run/${name}.pid" with a non-root user, because only root has write access to /var/run. So, what is the proper place to write the pidfile to? /var/tmp maybe? Should I mkdir a temp folder to store data in while running? I haven't looked at a lot of services that run as non-root user to see what people are doing...

This section of the Handbook suggests modifying the Makefile for the entire port and using install to create correctly permissioned paths, but I am not clear on where that destination path should be.
 

ShelLuser

Son of Beastie

Reaction score: 1,720
Messages: 3,539

So why not create a /var/run/game directory, set the appropriate permission flags and use that to store your pid file? (edit: where 'game' is of course the name of whatever process you want to control).
 
OP
OP
Hornpipe2

Hornpipe2

Member

Reaction score: 22
Messages: 80

I did a bit more searching on the forums and ran across this post:

rc.d daemon not processing command flags

Reply 4 or so mentions using install(1) in ${name}_precmd to set up a folder with the correct permissions. There is a link to the source for databases/influxdb which demonstrates that usage. I think this is exactly what I'll try to do, and stick with /var/run (like you mentioned) as the parent folder. Thanks!
 

Alain De Vos

Member

Reaction score: 9
Messages: 61

Code:
ioq3ded_pidfile="/var/run/ioq3ded/ioq3ded.pid"

ioq3ded_precmd()
{
    install -d -o ioq3ded  /var/run/ioq3ded/
}
 
Top