start_service.sh: Apparently sudo doesn't quit - and stays as a wrapper process.Solve this by disowning after sudo & avoid showing the password in the sudo process arguments by preserving the environment when sudoing.

This commit is contained in:
Starbeamrainbowlabs 2019-02-01 22:26:22 +00:00
parent 1314b3ab75
commit 97a6d95902
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
2 changed files with 7 additions and 4 deletions

View file

@ -9,7 +9,7 @@ StartLimitBurst=5
[Service] [Service]
Type=forking Type=forking
PIDFile=/run/rhinoreminds.pid PIDFile=/run/rhinoreminds/rhinoreminds.pid
# We change our own user # We change our own user
User=root User=root
WorkingDirectory=/srv/kraggwapple WorkingDirectory=/srv/kraggwapple

View file

@ -6,7 +6,10 @@ source .xmpp_credentials;
# Execute & disown # Execute & disown
# We pass the environment variables explicitly here, as then we don't accidentally pass something private. # We pass the environment variables explicitly here, as then we don't accidentally pass something private.
# Better to be safe than sorry - defence in depth! # Better to be safe than sorry - defence in depth!
sudo -u username_here XMPP_JID="${XMPP_JID}" XMPP_PASSWORD="${XMPP_PASSWORD}" /usr/bin/mono RhinoReminds.exe --domain starbeamrainbowlabs.com export XMPP_JID;
echo "$!" >/run/rhinoreminds.pid; export XMPP_PASSWORD;
disown;
# Create the pidfile directory
mkdir /run/rhinoreminds; chmod 0700 /run/rhinoreminds; chown rhinoreminds:rhinoreminds /run/rhinoreminds;
sudo -E -u rhinoreminds bash -c '/usr/bin/mono ../bin/RhinoReminds.exe --domain starbeamrainbowlabs.com --avatar avatar.png & echo "$!" >/run/rhinoreminds/rhinoreminds.pid; disown'