In cases such as these (when a daemon absolutely has to perform certain tasks as root) it is usually best to use privilege separation. Fork your process into two daemons and drop privileges on one of them. The privileged process (i.e. the one running as root) is used to only perform those tasks that require root access. The other process is used for all other tasks (especially for potentially dangerous IO tasks such as sniffing the network or accepting user input). Communication between the two can be done via any of the various IPC means available.
The way you describe your goal it might even be sufficient for the unprivileged process to gather information only when the user tells it to, so it doesn't even have to be a daemon. This would mean you'd run the daemon as root all the time but have a user-run script sitting in the front, which accepts user input, gathers the necessary information and then sends this to the daemon for taking action (i.e. activate and configure the network interface). This, AFAIK, is how network-manager works, which does a lot of what you're describing (though not everything, so don't let its existence discourage you from this).
One simple way of communicating with the privileged daemon is for it to open a named pipe, which a user process/daemon can write to. By making this pipe group- and not world-writable you can limit the users who can communicate with the daemon to a given group. Or, if you only want one user to be able to communicate with the daemon, you can just make it writable for that user.
In reply to Re: Perl as a daemon... as root?
by tirwhan
in thread Perl as a daemon... as root?
by korpenkraxar
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |