[Web-SIG] Daemon server management

Shannon -jj Behrens jjinux at gmail.com
Thu Jun 9 23:24:35 CEST 2005 

On 6/9/05, mso at oz.net <mso at oz.net> wrote:
> Shannon -jj Behrens said:
> > I usually just write a wrapper that matches whatever OS I'm on.  I.e.
> > I sacrifice the cross-platform requirement.  Creating a FreeBSD
> > rc.sh-type script is quite simple.  Perhaps I'm being naive.
> 
> I've got a similar situation now.  I've been using start-stop-daemon on
> Linux to daemonize a naive Quixote application, but there's no equivalent
> wrapper for Mac OSX 10.3.  We're looking at teaching the Python program
> itself to daemonize, although I think that's less ideal than using a
> platform-standard wrapper.  There's a couple examples in the Python
> Cookbook (search for "daemon"); this is the one we're going to try:
> http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/278731
> 
> Essentially, your application calls a function and then continues,
> blissfully unaware it's been forked.  However, it doesn't make a PID file
> or change uid.  These are essential for production services.  We're
> looking at extending the function to do these.
> 
> The top-level executable needs --pidfile, --user and --group flags or the
> equivalent.  (start-stop-daemon uses --chuid USER:GROUP).

I would give up root manually.  Afterall, no library code knows when
the right time is, eh?

> > As for the pid file, if the user tries to start the server and I see
> > that it exists, I exit with an error.  If the user tries to stop a
> > server, and there is no pid file, I exit with an error.
> 
> Yes, that's what most applications do.  If the process doesn't exist it's
> OK to overwrite the file, but there's also an argument for forcing the
> user to do it manually.  If the process does exist, we can't tell whether
> it's a conflicting Paste or an unrelated process, so we have to abort.

In the hope that it's useful, here's code to change your eid:

==========================================================================
"""This module contains the ``seteids`` function."""

__docformat__ = "restructuredtext"

import os


def seteids(user, group):
    """Change the ``euid`` and ``egid`` if run as root.

    user, group
      The user and group to change to.  

    This function is self contained so that subclasses can easily drop this
    behavior.  I won't, however, bother to catch exceptions because this is
    something you need to think about.

    """
    import pwd
    import grp
    UID = GID = 2
    if not os.geteuid():
        os.setegid(grp.getgrnam(group)[GID])    # This must come first.
        os.seteuid(pwd.getpwnam(user)[UID])
==========================================================================

More information about the Web-SIG mailing list