如何使用 jsvc 以 root 身份执行操作?
我正在尝试使用 jsvc 来创建一个守护进程,听起来某些事情可以用 root 身份完成(例如,Tomcat 显然可以绑定到特权端口)。我想知道的是如何做到这一点。
在我的简单守护程序中,我尝试打开一些在 init()
过程中只能以 root 身份读取的文件,但我已经以当时选择的用户身份运行(在我的例子中, “没有人”)。如果 Tomcat 可以绑定到特权端口,那么我似乎应该能够打开 root 拥有的配置文件。
我是否正在尝试做一些 jsvc 不适合的事情,或者我只是错过了一些东西?
我的代码:
public class MediaProcessorDaemon implements Daemon {
ClassPathXmlApplicationContext spring = null;
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#init(org.apache.commons.daemon.DaemonContext)
*/
@Override
public void init(DaemonContext context) throws DaemonInitException, Exception {
/* This next line throws an exception */
this.spring = new ClassPathXmlApplicationContext("/META-INF/spring/media-processor-context.xml");
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#start()
*/
@Override
public void start() throws Exception {
this.spring.start();
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#stop()
*/
@Override
public void stop() throws Exception {
if (this.spring != null) {
this.spring.stop();
}
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#destroy()
*/
@Override
public void destroy() {
if (this.spring != null) {
this.spring.close();
}
}
}
和错误消息:
org.springframework.beans.factory.BeanInitializationException: Could not load properties; nested exception is java.io.FileNotFoundException: /etc/media/media-processor.properties (Permission denied)
at org.springframework.beans.factory.config.PropertyResourceConfigurer.postProcessBeanFactory(PropertyResourceConfigurer.java:78)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:663)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:638)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:407)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:139)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:83)
at com.mycompany.mediaprocessor.MediaProcessorDaemon.init(MediaProcessorDaemon.java:24)
[snip]
所以在 init()
中,我试图打开一个只能由 root 读取的文件(/etc/media/media-processor.properties),并且我收到“权限被拒绝”。
我这样执行:
sudo jsvc -debug -user nobody -cp $classPath com.mycompany.MediaProcessorDaemon
I'm trying to use jsvc to make a daemon process, and it sounds like certain things can be done as root with it (for example, Tomcat can apparently bind to privileged ports). What I'm wondering is how to do that.
In my simple Daemon program, I try to open some files that are only readable as root during the init()
process, but I'm already running as the user I selected by then (in my case, "nobody"). If Tomcat can bind to privileged ports, it seems like I should be able to open root-owned config files.
Am I trying to do something that jsvc isn't meant for, or am I just missing something?
My code:
public class MediaProcessorDaemon implements Daemon {
ClassPathXmlApplicationContext spring = null;
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#init(org.apache.commons.daemon.DaemonContext)
*/
@Override
public void init(DaemonContext context) throws DaemonInitException, Exception {
/* This next line throws an exception */
this.spring = new ClassPathXmlApplicationContext("/META-INF/spring/media-processor-context.xml");
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#start()
*/
@Override
public void start() throws Exception {
this.spring.start();
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#stop()
*/
@Override
public void stop() throws Exception {
if (this.spring != null) {
this.spring.stop();
}
}
/*- (non-Javadoc)
* @see org.apache.commons.daemon.Daemon#destroy()
*/
@Override
public void destroy() {
if (this.spring != null) {
this.spring.close();
}
}
}
And the error message:
org.springframework.beans.factory.BeanInitializationException: Could not load properties; nested exception is java.io.FileNotFoundException: /etc/media/media-processor.properties (Permission denied)
at org.springframework.beans.factory.config.PropertyResourceConfigurer.postProcessBeanFactory(PropertyResourceConfigurer.java:78)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:663)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:638)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:407)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:139)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:83)
at com.mycompany.mediaprocessor.MediaProcessorDaemon.init(MediaProcessorDaemon.java:24)
[snip]
So in init()
, I'm trying to open a file which is readable only by root (/etc/media/media-processor.properties), and I'm getting "Permission denied".
I execute it like this:
sudo jsvc -debug -user nobody -cp $classPath com.mycompany.MediaProcessorDaemon
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论