[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 300
  • Last Modified:

Start process with specific id at bootime -Solaris 2.6

On solaris 2.6 (sparc)I have Apache firing up from the /etc/rc3.d directory.

I need to start a process for some webtools at bootime as well, with a specific userid?
eg sysadmin

The syntax to start manually is....
/usr/local/apache/virtualhosts/webtools/bin/apachetcl start
This script is owned by root

How can this be done...thanks in advance
0
hyphen
Asked:
hyphen
  • 2
1 Solution
 
festiveCommented:
sounds like what you need is a SETUID
script, if I follow what you are saying correctly, then this is what you need..

Key things to remember : when you name the script /etc/rc3.d/S90webutils (etc)
you must start it AFTER apache, so pick a higher number than apaches (ie the 90 should be high enough)
Benefits of using the "su" method are that the process will inherit the login environment of the sysadmin user - this could be usefull if you have environment variables which others are changing and you don't want to keep updating the script.

Hope this helps

#!/bin/sh -p
# setuid shell script to start Apache and Web Tools
# install into /etc/rc3.d
# make owner "sysadmin"
# make group "bin"
# run chmod 4750 on the file (setuid)
# This will start the programs as "sysadmin"
echo "`date`: web started" >> /usr/local/logs/webstart.log
# now start apache as "sysadmin"
/usr/local/apache/virtualhosts/webtools/bin/apachetcl start
# optionally you could run the script as root
# and start with an su command like:
# su - sysadmin -c "/usr/local/apache/virtualhosts/webtools/bin/apachetcl start"


0
 
festiveCommented:
the "su" method requires no setuid but does mean that root could be running things that could be altered by others (in this case the .profile of sysadmin)
0
 
hyphenAuthor Commented:
Thanks Festive,
Tried su - c "/usr/local/....blah, blah" in a symlink...it bombed out with an apache exit code 3

SETUID script is an effective way to run as "a specific user".

However, have found out there is a "virtualhosts/webtools/conf/http.conf" file with in Apache that you can use to set the user/group that this runs under. Then place appropriate symlink in the rc3.d directory (it kicks off as root and changes to "specified user/group"
regards hyphen
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now