LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Correct way to startup user applications after restart? (https://www.linuxquestions.org/questions/linux-newbie-8/correct-way-to-startup-user-applications-after-restart-726900/)

ValkaTR 05-18-2009 07:46 PM
Correct way to startup user applications after restart?
 
Hello everybody. I'm stuck at specific problem and I can't find solution anywhere. Please help me.

I installed Debian on some old Pentium II and some users (without root access) have access to the server. Some installed BNC, other eggdrop and other custom daemons. There is no X11 on server.

The problem is that when I restart the computer (or it restarts it self after power failure), then all daemons which users run will not rerun. Everyone has to login and rerun them manually. This happens very rare, about every 100 days, but it happens.

They could install own initscripts in /etc, but that would require a root access to the system. I, ofcourse, don't want to give everybody root access.

Question: How users may able to make their daemons rerun on startup without giving root access to the server?

Thank you.

MS3FGX 05-18-2009 08:06 PM
There are a few ways you could do it, but the one that makes the most sense to me would be running them from per-user cron. You could write a script that runs every few minutes to check if the various daemons are up, and starts them if they aren't.

Actually starting them at boot time is going to require integrating with the boot scripts, which would take root-level access to do directly. Alternately you could have a function in your boot scripts that loaded scripts from each /home directory, but that would be exceptionally insecure as a user could put anything they wanted in there and have it run as root.

ValkaTR 05-19-2009 06:15 AM
Ok, i checked three implementations of cron:
* Vixie cron: it sure would help, but it seems that you need to run "crontab ~/.crontab" from user;
* anacron: only the system administrator can configure anacron tasks;
* fcron: this is too advanced.

And /etc/init.d/cron does'nt load /home/*/.crontab files at startup.

Seems like I need to do some scripting. I think I can, I have same basic skills, but I'm sure that it will be 100% exploitable and also I want to make sure that I'm not reinventing a wheel.

al_b 05-19-2009 10:35 AM
http://www.linuxquestions.org/questi...t-user-323020/

Works like a charm.

Al.

ValkaTR 05-19-2009 11:52 AM
Quote:
Originally Posted by al_b (Post 3545898)
That's an interesting solution. But adding new users would be a pain. I will try to make script and post it here later then.

ValkaTR 05-19-2009 12:46 PM
So I put this in /etc/rc.local:

Code:
find /home/ -maxdepth 2 -type f -name .startup | sed 's/\/home\/\(\w*\).*/echo -e \"=== \\0033[36mExecuting \\0033[32m\/home\/\1\/.startup\\0033[0m ===" \&\& su \1 -c \"sh \/home\/\1\/.startup\"/' | sh
Now users create ~/.startup file, put their stuff there and on boot these scripts will be ran.

MS3FGX 05-19-2009 02:05 PM
You can do that, but again, this means any user could run any command as root.

So they could put a line in there that copied a shell with root permissions into their /home directory, and get a root shell without needing to crack the password. Or they could simply put in a "rm -rf" line to delete everything on the server.

If you are going to go this route, you really need to set it up so that any .startup scripts are run as a different user with minimal permissions, definitely not root.

ValkaTR 05-19-2009 02:15 PM
Look at this part:
Code:
su \1 -c \"sh \/home\/\1\/.startup\"
\1 - is username, so in the end this is executed:
Code:
su user -c "sh /home/user/.startup"


All times are GMT -5. The time now is 10:45 AM.