1

I have an Ubuntu 14.04 LTS server running a few different programs under Supervisor. Many of the programs need to store sockets and other named pipes on the filesystem, and /run seems like the ideal choice for these types of files. Unfortunately, /run is tmpfs and removed on every reboot, and root privileges are needed to (re)create the directories that each program can write to.

I need a way to create a few subdirectories in /run and set the owner/mode to something that each program can work with, and do so on each reboot before Supervisor tries to start them. It does not look like Supervisor supports a mechanism to run pre-start commands before it starts a program.

Most other answers for this type of question suggest doing it in the init script, but that belongs to Supervisor's package and I do not want to mess with it (or have to maintain it when it changes upstream).

If this machine had Systemd it seems like I could use /etc/tmpfiles.d, but it does not.

The best idea I came up with was to use a separate Upstart pre-start script for each program that only creates the directories without actually launching any processes. Something like:

/etc/init/myapp1.conf

start on runlevel [2345]

pre-start script
    mkdir -p -m 0755 /var/run/myapp1
    chown app1user: /var/run/myapp1
end script

...without any exec line. I'm not 100% sure this is valid or sane, but it appears to work. Are there cleaner ways to do something like this?

smitelli
  • 6,835
  • 3
  • 31
  • 53

1 Answers1

0

Do you run your apps under supervisor under a specific user? Because by default applications are run with root as owner.

What I would do is a simple script which does the following:

  1. Checks if the required files/folders are created.
  2. Sets the owner if necessary.
  3. Then starts your application

Put this script into your supervisor config instead of directly starting your application. Make sure that it is run with root (remove user from the config or set user=root).

This way you can always make sure that your environment is set up and your directories exist. So if you clear the tempfs for some reasons, your scripts will still run without reboot.

If you NEED to run your applications under a specific user, you can do the following:

  1. Move the first 2 points into a separate setup script (as you would do now using your solution).
  2. Create another script which calls your setup script with sudo and starts your application
  3. Add your custom user and script to the sudo file so that your user can call that script as root without a password prompt. (Be aware: this is a security risk, if someone gets access to your server. Make sure that your setup script is NOT writable)
mark.sagikazar
  • 1,032
  • 8
  • 19