From: Mike Buland
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: Re: Per-user service managers
Date: Thu, 20 Oct 2011 12:11:38 -0600
To: supervision@list.skarnet.org
In-Reply-To: <87aa8vblyz.fsf@servo.finestructure.net>

On Oct 20, 2011 11:40 AM, "Jameson Graef Rollins" <jrollins@finestructure.net> wrote:
>
> On Thu, 20 Oct 2011 10:26:17 -0600, Mike Buland wrote:
> > I wrote this little program that manages per-user runsv instances.
> > For each user in the "svusers" group it starts a service manager in
> > their ~/.sv directory. The service manager runs as that user, so as
> > long as they can run the sv program, they can manage their own
> > services.
> >
> > Per-user service managers run independently of user logins.
> >
> > I've released this under the BSD license, and it's available on github.
> >
> > https://github.com/eichlan/usersv
>
> Hey, Mike. Very cool! I actually wrote basically the exact same thing
> a while ago, but never got around to publishing it. I think this sort
> of thing can be very useful. Thanks for sharing.
>
> I see that your system uses a single process that spawns a runsvdir for
> each user. The problem I see with that is that it's hard to
> individually control the user runsvdir processes. If you do have an
> idea about how to control (ie. start/stop/restart/etc.) the user
> runsvdir processes I would be interested in hearing it.

If I understand correctly you're referring to the directory containing the
services. This program uses the .sv directory in each user's home directory.

As for controlling the runsvdir processes, I've never had occasion to stop
them once they're started. My program does track all of them, and it has been
my intention to shut down the runsvdir process for a user when they are
removed from the svusers group. However, since runsvdir is designed to run
forever and my intention was to provide reliable services for privileged
users, I'm not sure that restarting users' runsvdir processes is necessary.
That doesn't mean I wouldn't happily accept a patch that provides that
feature.

I think that's actually an interesting question, my original idea was based
around a grant/revoke model.
Providing more fine grain control of the users' service managers never occured to me. Thank you for your reply, it's always good to get feedback. > The system I put together uses a separate runsv dir for each user, and > the entire system is basically encapsulated in the runsv run script (and > log/run script), which I've pasted in below. The env dir for this > particular example is as follows: > > HOME=3D/home/jrollins > LOG=3D/home/jrollins/.service.log > PATH=3D/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin > RUNSVDIR=3D/home/jrollins/.service > USER=3Djrollins > > Anyway, just thought you might be interested, and thanks again for > sharing your work. > > jamie. > > > servo 0$ cat /etc/sv/runsvdir-jrollins/run > #!/bin/sh > exec 2>&1 > USER=3D`head env/USER` > RUNSVDIR=3D`head env/RUNSVDIR` > GROUPS=3D$(groups "$USER" | cut -d: -f2 | tr ' ' ':') > echo "${USER}${GROUPS}" > until [ -d "$RUNSVDIR" ] ; do > sleep 10 > done > if [ -d log/main ] ; then > exec chpst -u "${USER}${GROUPS}" -e env \ > runsvdir -P "$RUNSVDIR" > else > exec chpst -u "${USER}${GROUPS}" -e env \ > runsvdir -P "$RUNSVDIR" 'log: ...........................................................................= ...........................................................................= ...........................................................................= ...........................................................................= ...........................................................................= ....................' > fi > > servo 0$ cat /etc/sv/runsvdir-jrollins/log/run > #!/bin/sh > set -e > LOG=3D`readlink -f ./main` > USER=3D`head ../env/USER` > if ! [ -d "$LOG" ] ; then > mkdir -p -m0750 "$LOG" > chown "$USER":"$USER" "$LOG" > fi > exec chpst -u "$USER" svlogd -tt "$LOG" --bcaec529a0a151f86f04afbee3df--
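
The grant/revoke model described in the reply above, as an added dry-run example (not part of the original message and not usersv's code). The function names, the group(5) line and the tracked-user list are assumptions constructed for illustration; it prints the actions a manager would take and starts or stops nothing.

```sh
#!/bin/sh
# Added example: reconcile "svusers" membership against the per-user
# managers already running. All names and inputs here are hypothetical.

# members_of GROUP_LINE: member names of a group(5) line
# ("name:passwd:gid:user1,user2"), one per line, sorted and unique.
members_of() {
    printf '%s\n' "$1" | cut -d: -f4 | tr ',' '\n' | sed '/^$/d' | sort -u
}

# valid_name NAME: accept only conservative login names. The name ends up
# in a "chpst -u user:group" argument run by root, so anything outside
# [a-z0-9_-], or starting with "-", is refused rather than passed on.
valid_name() {
    case "$1" in
        ''|-*|*[!a-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# plan GROUP_LINE TRACKED: TRACKED is a space-separated list of users that
# currently have a runsvdir. Prints "start USER" for newly granted members,
# "skip USER" for refused names and "stop USER" for revoked members.
plan() {
    granted=$(members_of "$1")
    tracked=$(printf '%s\n' $2 | sed '/^$/d' | sort -u)
    for u in $granted; do
        valid_name "$u" || { echo "skip $u"; continue; }
        printf '%s\n' "$tracked" | grep -qxF -- "$u" || echo "start $u"
    done
    for u in $tracked; do
        printf '%s\n' "$granted" | grep -qxF -- "$u" || echo "stop $u"
    done
}

# Constructed sample input: alice and carol were just added to svusers,
# dave was removed, bob is unchanged.
plan 'svusers:x:1001:carol,alice,bob' 'bob dave'
```

On a real host the group line would come from `getent group svusers`, and the tracked list from whatever record the manager keeps of the runsvdir processes it has started.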