shell script? : usage of $! with su -c option

DTParanoia · 04-04-2005, 07:07 PM

I have a script that uses $! and su as follows (runs as root and java is in the path):

JAVA_USER_HOME=/home/javauser
SECURITY_SERVER_LOG=$JAVA_USER_HOME/logfile
PID_FILE=$JAVA_USER_HOME/server.pid

su javauser -c "java -jar $JAVA_USER_HOME/Server.jar > $SECURITY_SERVER_LOG 2>&1 &"
echo $! > $PID_FILE

Initialy I expected $! to contain the pid of the command passed to su, however, when the value is blank its clearly not what is happening.

So the question is, what can I do to still make sure that the java virtual machine runs under javauser as opposed to root, and still obtain the pid of the VM?

Thanks in advance,

DT

jschiwal · 04-05-2005, 01:19 AM

I think that the problem is that the command doesn't run. Unless you don't have permission to write to a file in the /home/javauser/ directory. You might want to try it without the su -c part to see if it starts. Also saving the value of $? in a variable immediately after the the java command might supply some info. What does the $JAVA_USER_HOME/logfile indicate?

Also check that the javauser has a default shell entry in /etc/passwd.

DTParanoia · 04-05-2005, 10:37 AM

I'll make sure and check the exit status before I cause any more trouble , but I don't expect it to indicate failure as the command does in fact run, and the log reflects normal operation of the program I expect to run. The only problem is that when I echo the PID to the pid file its empty. I modified the script so that it no longer uses su and the PID reappears, so it has to be something with the combination of $! and su. You'll have to forgive me for not posting the real script up to this point as I don't have it until I get to work, but when I do, I'll post the whole thing and hopefully something shakes out.

DT

DTParanoia · 04-05-2005, 05:58 PM

OK here is a trimmed down (trimmed to only the relevant sections to avoid post bloat) script that may or may not illustrate the isuue I am having. This is an init script to be placed into /etc/init.d and linked to by the various run levels, so it runs as root. When java is started I would very much like it to be run under a different user with lower privledge. I also need to retain the PID of the JVM, and this is where I am having trouble. I am doing it as follows, but I obviously need an alternative because its not working. I think its because there is a subshell involved and $! has no meaning to the shell in which I echo the value Fell free to review and correct me in any mistakes you see.

Just to summarize, the question is:

How do I run java as another user (other than root) and still retain the PID and write it (as root) to /var/run/ ?

# Set default values
#
JAVA_HOME=/opt/j2sdk1.4.2_06
JAVA_BIN=$JAVA_HOME/bin

JAVA_USER=javauser
JAVA_USER_HOME=/home/$JAVA_USER
SECURITY_SERVER_LOG=$JAVA_USER_HOME/console_log

SU_PREFIX="su $JAVA_USER -c "

# Define the server start commands.
#
SERVER_START="$JAVA_BIN/java -jar $JAVA_USER_HOME/Server.jar"

# retain the pid of the server in order to kill
# it if a stop|restart is needed.
PID_FILE=/var/run/$0.pid

# if the log file does not exist then create it.
#
if [ -n "$SECURITY_SERVER_LOG" -a ! -e "$SECURITY_SERVER_LOG" ]; then
$SU_PREFIX "touch $SECURITY_SERVER_LOG"
fi

# if the existing log file does not exist or is not a regular file
# then send console output to /dev/null
#
if [ -n "$SECURITY_SERVER_LOG" -a ! -f "$SECURITY_SERVER_LOG" ]; then
echo "WARNING: ${SECURITY_SERVER_LOG} is not a valid log file."
echo "WARNING: The log will be sent to /dev/null"
$SECURITY_SERVER_LOG=/dev/null
fi

# reset status of this service
rc_reset

case "$1" in
start)
echo -n "Starting Service "

cd $SECURITY_SERVER_HOME
$SU_PREFIX "$SERVER_START > $SECURITY_SERVER_LOG 2>&1 &"

echo $! > $PID_FILE

rc_status -v
;;
stop)

;;
restart)

rc_status
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
rc_exit