-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for running daemons under sudo
#61
Comments
Hi Timo. Thanks for the careful exposition of this problem. I must say, my knee-jerk reaction is "don't do that" - instead you could use capabilities on Linux to allow binding to a privileged port, or have a persistent privileged program that binds to the port and proxies traffic to a non-privileged program that is managed by modd, or even use iptables/pf to forward a port to a local unprivileged port. I'll assume that you've thought of all of these possibilities, and for whatever reason, they don't work for you. As your proposal hints, I feel modd should remain agnostic about privilege and instead to let the user specify a custom restart command. I'd accept a patch that implements this, as long as we can get the syntax right and behaviour right. I'd call the restart command restart, since it might presumably do something entirely unrelated to signals to restart a daemon. We could then say that if a restart command is defined in a block, it is used to restart all daemons, unless they have an explicit +signal modifier. It's an error to define more than one restart command per block, but I think that's a manageable limitation. |
@cortesi Thanks for the reply! I'm working on an eBPF program, and my initial attempts at getting my tool to run with a minimal capability set were unsuccessful, so I just switched to running with Still, I think a custom restart handler would be nice to have, your proposal sounds on point! |
Hi @cortesi, thanks for the cool project! This is a feature/documentation request for running privileged daemons using
modd
.I'm having some issues notifying the daemon I'm working on, because it's run as root using
sudo
. Posting a complete description here with the hope that it helps some users along. Workaround is at the end of the post.Consider the following example:
Running the daemon without sudo (and on an unprivileged port) yields the following output:
Wrapping it with sudo:
The daemon isn't stopped when stopping modd either.
This is normal behaviour, because the
sudo
binary has the setuid bit set. Sending signals to privileged processes (eg.pkill sudo
) as a normal user is not allowed:However, unlike
pkill
,modd
doesn't notify the user that sending the signal failed. I presume this is because it signals the pgroup as a whole, not processes individually. This caused me some frustration before I started digging into why this happened.This workaround worked:
Would it be possible to support privileged notification through extending the syntax? eg.:
The PIDs to notify could be presented as an internal variable. A
signal
specification would have to be written right after adaemon
statement, so multiple daemons with multiple different custom signal handlers could be supported.WDYT?
The text was updated successfully, but these errors were encountered: