以非root用户身份运行系统守护程序PID文件的首选位置

Question

My question is related to this question , but the processes in question are run from cron, and by non-root users. As such, many of the users don't really have home dirs (or their home dirs point to /usr/share/package_name which is not an ideal location for a PID file).

Storing in /var/run is problematic, because this directory is not writable except by root.

I could use /tmp , but I wonder if this is ideal for security reasons.

I could arrange for a startup script to create a directory in /var/run which is owned by the appropriate user (I can't do this at package install time, as /var is often mounted as tmpfs, so is not persistent).

What's the best practice here?

Answer 1

Nice question :), I'm having exactly the same at moment. I'm not sure if this is the correct answer but I hope it helps and I would appreciate feedback as well.

I've googled around and found that registering the per user daemon as a dbus service is an elegant solution. dbus could make sure that the service runs just once. no need for a pidfile.

Another solution (my current) would be to create the PID file in a directory like:

$HOME/.yourdaemon/pid

After your comment I realized, that you cannot write to home. I would suggest to look into dbus

Update

I have an idea. What if you are using /tmp, but looking for a pidfile which is called yourdaemon.pid.UNIQUE_KEY and is owned by the daemon's user? This should work fine.

UNIQUE_KEY should be random generated (preferred is using tempnam as it is race condition proof).