Solved rc.d + pidfile + ${name}_user = permission errors?

I'm trying to create an rc.d script for an existing port (games/ioquake3-server), which will allow it to launch at system start, and be managed by the rc system.

This software is "interactive" (opens a console on stdin for control), so I have to launch it using daemon(8) instead to detach and keep it in the background.

I want to use the pidfile variable, to allow rc.subr(8) to track it. And I want to run as "games" user, not root. Here is what I have so far:

Bash:
#!/bin/sh
#
# ioq3ded.in for rc.d usage (c) 2019 Greg Kennedy.
# $FreeBSD$

# PROVIDE: ioq3ded
# REQUIRE: DAEMON
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable ioq3ded
#
#  ioq3ded_enable="YES"
#  # optional
#  ioq3ded_data="%%PREFIX%%/share/quake3"
#  ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"
#  ioq3ded_user="games"
#  ioq3ded_group="games"
#
# Note:
# This script is set to execute server.cfg from the system baseq3
#  folder at launch.  Most server config can be placed there.
# Some options MUST go on command-line and should be placed in
#  "ioq3ded_args" instead - these include "dedicated",
#  "com_hunkmegs", etc.

. /etc/rc.subr

name=ioq3ded
rcvar=ioq3ded_enable

load_rc_config $name
: ${ioq3ded_enable:="NO"}
: ${ioq3ded_data:="%%PREFIX%%/share/quake3"}
: ${ioq3ded_args="+set dedicated 1 +set com_hunkmegs 48 +exec server.cfg"}
: ${ioq3ded_user="games"}
: ${ioq3ded_group="games"}

pidfile="/var/run/${name}.pid"

command="/usr/sbin/daemon"
command_args="-c -f -P ${pidfile} %%PREFIX%%/bin/${name} +set fs_basepath ${ioq3ded_data} ${ioq3ded_args}"

run_rc_command "$1"

Now, the problem I am having is that I can't use pidfile="/var/run/${name}.pid" with a non-root user, because only root has write access to /var/run. So, what is the proper place to write the pidfile to? /var/tmp maybe? Should I mkdir a temp folder to store data in while running? I haven't looked at a lot of services that run as non-root user to see what people are doing...

This section of the Handbook suggests modifying the Makefile for the entire port and using install to create correctly permissioned paths, but I am not clear on where that destination path should be.
 
So why not create a /var/run/game directory, set the appropriate permission flags and use that to store your pid file? (edit: where 'game' is of course the name of whatever process you want to control).
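
The directory approach suggested in the reply above, sketched as an rc.d fragment (an added example, not code from either poster or from the port). The `ioq3ded_rundir` variable and the `ioq3ded_prestart` function name are assumptions; the lines belong between `load_rc_config` and `run_rc_command` in the script from the question.

```sh
# Fragment for the rc.d script: place after load_rc_config and
# before run_rc_command "$1".
name=ioq3ded
: ${ioq3ded_user="games"}
: ${ioq3ded_group="games"}
# Assumption: ioq3ded_rundir is a new knob, not part of the original script.
: ${ioq3ded_rundir="/var/run/${name}"}

# The pidfile lives in a directory the service user owns,
# instead of directly in root-only /var/run.
pidfile="${ioq3ded_rundir}/${name}.pid"

# rc.subr runs the precmd as root, before it switches to ${name}_user
# to run the command, so root can create the directory here on every start.
start_precmd="${name}_prestart"

ioq3ded_prestart()
{
	# Refuse a symlink so root never chowns a path that points elsewhere.
	if [ -L "${ioq3ded_rundir}" ]; then
		echo "${name}: ${ioq3ded_rundir} is a symlink, refusing to use it" >&2
		return 1
	fi
	# Something other than a directory in the way is also an error.
	if [ -e "${ioq3ded_rundir}" ] && [ ! -d "${ioq3ded_rundir}" ]; then
		echo "${name}: ${ioq3ded_rundir} exists and is not a directory" >&2
		return 1
	fi
	# Create the directory (or reset owner and mode if it already exists).
	# 0755: only the service user can create or replace files inside it.
	install -d -m 0755 -o "${ioq3ded_user}" -g "${ioq3ded_group}" \
		"${ioq3ded_rundir}" || return 1
}
```

A non-zero return from the precmd makes rc.subr abort the start, so a tampered or unexpected path stops the service instead of being silently reused.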
 