init: support dropping privileges
Bug #586942 reported by Evan Broder
This bug affects 7 people
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
upstart | Triaged | Wishlist | Unassigned |
Bug Description
Currently upstart gives you a wealth of options for controlling the environment a daemon is started in, letting one get by without the standard start-stop-daemon (et al.) invoke in your upstart jobs.
The one thing it doesn't seem to have, though, is the ability to drop privileges. It would be nice if upstart config files supported a
user www-data
which would setuid to www-data before executing the daemon. That option should probably also initialize the gid and group vector of the daemon, possibly with additional options to override either the gid or group vector.
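The sequence the description asks for (supplementary group vector, then gid, then uid, all before the daemon is executed), as an added example in C. It is not code from upstart or from the linked branch; `drop_privileges()` is a hypothetical helper name and the default account `www-data` is taken from the example stanza above.

```c
/* Added example: drop root privileges in the child before exec.
 * Assumption: the account name comes from a job stanza such as the
 * one proposed above; drop_privileges() is not an upstart function. */
#define _DEFAULT_SOURCE
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Returns 0 when the process is fully running as `user`, -1 otherwise.
 * The caller must not exec the daemon when this returns -1. */
int drop_privileges(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;                      /* unknown account */

    /* Order matters: group changes need root, so they come first. */
    if (initgroups(pw->pw_name, pw->pw_gid) != 0)  /* group vector */
        return -1;
    if (setgid(pw->pw_gid) != 0)        /* as root: real, effective, saved gid */
        return -1;
    if (setuid(pw->pw_uid) != 0)        /* as root: real, effective, saved uid */
        return -1;

    /* Verify the drop: ids must match and root must be unrecoverable. */
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
        return -1;
    if (getgid() != pw->pw_gid || getegid() != pw->pw_gid)
        return -1;
    if (pw->pw_uid != 0 && setuid(0) == 0)
        return -1;                      /* root could be regained */
    return 0;
}

int main(int argc, char **argv)
{
    const char *user = argc > 1 ? argv[1] : "www-data";
    if (drop_privileges(user) != 0) {
        fprintf(stderr, "cannot drop privileges to %s\n", user);
        return 1;
    }
    printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```

Every return value is checked because an ignored `setuid()` failure leaves the daemon running as root; the final `setuid(0)` probe confirms the saved uid was cleared as well.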
Related branches
lp:~broder/upstart/drop-privileges
- James Hunt: Needs Fixing
Diff: 748 lines (+536/-8), 12 files modified
contrib/vim/syntax/upstart.vim (+1/-1)
init/errors.h (+4/-0)
init/job_class.c (+3/-0)
init/job_class.h (+4/-0)
init/job_process.c (+82/-0)
init/job_process.h (+4/-0)
init/man/init.5 (+26/-0)
init/parse_job.c (+84/-0)
init/tests/test_job_class.c (+4/-0)
init/tests/test_job_process.c (+49/-7)
init/tests/test_parse_job.c (+234/-0)
util/tests/test_user_sessions.sh (+41/-0)
It's most likely that "user" will be reserved for running jobs as a given user with a full PAM session.
"setuid" might be more appropriate for your example