furrypop has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I've written a Perl daemon as a wrapper for a Java middleware gateway. It basically eases the configuration and ensures that the Java process is completely disassociated from the calling process (i.e. it setsids).

We have several instances of the gateway, each with their own config and I'm now being asked to ensure that each gateway process is started under a different ID.

I know I can do this by setting up sudo on the (Solaris) machine and creating a specific start script for each gateway, owned by each ID and with setuid permissions, and have this run by the daemon script. However, it seems like a lot of additional configuration each time a new gateway is added.

So, is there a way to set the ID under which the child process is spawned from within the Perl script? Would this still require sudo?

Apologies if this crosses over into a UNIX question rather than merely a Perl one.

Thanks for your help,

J.

Replies are listed 'Best First'.
Re: Daemon processing under different IDs.
by Zaxo (Archbishop) on Jan 14, 2005 at 14:34 UTC

    Just another function to import from POSIX, use POSIX qw/setuid setsid/; Be cautious about what values you feed setuid.

    After Compline,
    Zaxo

      I should have guessed that POSIX would contain it. Thanks for the reply.
Re: Daemon processing under different IDs.
by Fletch (Bishop) on Jan 14, 2005 at 14:48 UTC

    You can do it by twiddling $< and/or $> (see perldoc perlvar) but the process doing so would need to be started as root (since only root is allowed to change to an arbitrary uid).

    Also, if you've got setuid start scripts you really don't need to use sudo since each one will be run as the owner. What I'd do would be to put all the gateway users in a group and then set up sudo to allow the startup user to run sudo -u gateway1 start_gateway -f cfg/gateway1 for each gatewayn; don't even bother with setuid stuff.

    And no, it's not really Perl related.
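
The approach from the two replies combined, as an added example that is not part of the thread: a daemon started as root forks, and the child drops to the gateway account (groups, then gid, then uid), verifies that the drop is permanent, and only then execs. The account name and command given on the command line are placeholders, and the child keeps only the account's primary group.

```perl
#!/usr/bin/perl
# Added example, not code from the thread. Run as root:
#   perl spawn_as.pl gateway1 /usr/bin/id    (both arguments are placeholders)
use strict;
use warnings;
use English qw(-no_match_vars);
use POSIX qw(setsid setuid setgid _exit);

sub spawn_as {
    my ($user, @cmd) = @_;
    die "must be started as root\n" unless $EUID == 0;

    # Resolve the account by name; never pass an unchecked number to setuid.
    my (undef, undef, $uid, $gid) = getpwnam($user)
        or die "unknown user '$user'\n";
    die "refusing to run '$user' with uid 0\n" if $uid == 0;

    defined(my $pid = fork()) or die "fork: $!\n";
    return $pid if $pid;                      # parent stays root

    # Child: any failure must end the child, never fall back into daemon code.
    my $fail = sub { warn "spawn_as($user): $_[0]\n"; _exit(1) };

    setsid() != -1 or $fail->("setsid: $!");

    # Groups first, while still root. Assigning "gid gid" to $EGID sets the
    # effective gid and replaces root's supplementary group list.
    $! = 0;
    $EGID = "$gid $gid";
    $fail->("setgroups: $!") if $!;
    setgid($gid) or $fail->("setgid: $!");

    # uid last: as root this sets real, effective and saved uid together.
    setuid($uid) or $fail->("setuid: $!");

    # Verify the drop took effect and cannot be undone.
    my @groups = (split(' ', $GID), split(' ', $EGID));
    $fail->("uid not dropped") unless $UID == $uid && $EUID == $uid;
    $fail->("gid not dropped") if grep { $_ != $gid } @groups;
    $fail->("root can be regained") if setuid(0);

    exec { $cmd[0] } @cmd or $fail->("exec $cmd[0]: $!");
}

unless (caller) {
    @ARGV >= 2 or die "usage: $0 user command [args...]\n";
    my $pid = spawn_as(@ARGV);
    print "started pid $pid as $ARGV[0]\n";
}
```

The indirect-object form of exec runs the command directly rather than through a shell, so values from a gateway config file are not reinterpreted on the way.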