How to autostart service in ANY linux?

2

I need to install the dumbest possible service (a binary) and have it reliably run as the current user at boot (or login, whatever) at as many platforms as possible (of the aging point-of-sale type). The app monitors another archives generated by another app in the user-session.

Startup alternatives considered:

  1. init.d
  2. @reboot in crontab
  3. a .desktop file in ~/.config/autostart
  4. a myriad of other solutions including .profile and .bashrc

All of the above break down at some point. The problems stem from not wanting to run as root (I want the files generated to be user-accessible), and not having a way to reliably get the current user name in sudo on all platforms. Ideally not even sudo can be assumed available.

Hey, I just want to run something on boot and I have "root" power to do so. Windows get the job done easily enough. This isn't rocket science, is it?

Yan

Posted 2014-06-03T21:24:57.953

Reputation: 31

Your service (or the shipped startup method) is responsible for dropping its rights. This is easily accomplished. Still, there is no universal solution. You’ll simply have to accommodate all start-up methods. Running on boot is probably not ideal if it’s a per-session service. – Daniel B – 2014-06-03T21:32:00.783

What broke with init.d (or better said SysV init)? Use su to run the program under another user e.g. su - joe /usr/local/bin/stupidprogram.

– Cristian Ciupitu – 2014-06-03T21:34:29.330

1No, there is far too much variety in Linux based systems for their to be one way to do this. – Zoredache – 2014-06-03T21:34:36.957

1Could you clarify the exact use case? This sounds very dodgy, looks like you're trying to install a persistent Linux malware on PoS machines you have no control over but somehow got root on, that reads its instructions from a file dropped by a userland process.. But maybe I'm just paranoid :) – lorenzog – 2014-06-04T07:21:04.953

@lorenzog, yes it is indeed very similar. but what do you do when the software you have to monitor isn't yours, nor can be bothered? – Yan – 2014-06-04T12:19:36.647

@Cristian: the problem is reliably discovering the current user – Yan – 2014-06-04T12:21:08.713

@Zoredach: yes, a simple task, nigh impossible. also, much of the information points the wrong way. that is why I had to bid this question. – Yan – 2014-06-04T12:35:24.410

@Yan, define current user and how he/she logins. – Cristian Ciupitu – 2014-06-04T13:00:25.713

@Yan I wasn't arguing on the validity of the question :) indeed the use of Daemon Tools suggested below is the best solution if your systems have /etc/inittab. Daemontools compile on all UNIXes, most don't even require a restart to get running. – lorenzog – 2014-06-04T13:09:34.307

Answers

2

I would suggest to use daemon tools to manage your services.

It uses a supervisor to monitor your services, and runs as a daemon. You can write a simple run script, to exec the script, and daemon tools will disassociate it with the current terminal, and provides you with separate logs for troubleshooting as well.

nohup

Posted 2014-06-03T21:24:57.953

Reputation: 211

2

About the only thing that is guaranteed to be (somewhat) the same on all Linux installations is the kernel, because the kernel is what makes it Linux.

The kernel has a command line parameter init which specifies the path and name of the binary which is responsible for bootstrapping the userspace environment after the kernel initialization is complete. Normally /sbin/init is used for that purpose, however it can be replaced with any other binary you like which (along with required libraries, configuration files, etc.) is available on the root file system.

However, that's probably not what you want.

Pretty much everything you do beyond that is going to, in some way, depend on the behavior of the installed software. There is not even any guarantee that the init binary will live at /sbin/init.

Most software that faces this problem works around it by providing several possible init configurations, and have an installation script (or has the administrator) pick the one appropriate to the system in question; if no appropriate configuration is provided, the administrator is expected to write up their own.

Unfortunately, this is the downside of the versatility that most Linux distributions provide. In Windows there is only one way to do it (well, there are a few, but they are specifically defined by Microsoft and you can't really do anything to change them even as a programmer-competent administrator).

The problems stem from not wanting to run as root (I want the files generated to be user-accessible)

If that was your only problem, however, the easy solution would be to simply change ownership of the file immediately after creating it. Or, do what most daemons do: start as root, then drop privileges and switch to an unprivileged account after doing whatever initialization needs to be done as root (for example, opening sockets to listen to privileged ports, read protected configuration files into memory, etc.).

I imagine the logged in user could be programmatically determined, but you'd need to be a lot more specific then about what exactly you mean by 'logged in user'. Detecting which user account(s) (if any) is/are running a particular binary is fairly trivial by scanning the process tree, and just might get you close enough to what you are trying to achieve. Once you know which user account to target, you can either switch your security context to that account, or launch a separate process as that user (similar to how sudo does its grunt work).

a CVn

Posted 2014-06-03T21:24:57.953

Reputation: 26 553

Asked: 2014-06-03T21:24:57.953

Viewed: 198 times

Active: 2014-06-04T14:42:24.520