User init scripts
While porting my Apache development server configuration over to Lighttpd I needed a script that would maintain Django FastCGI daemons even after a reboot of the host server. Even though I could have done this by just starting the daemons in an init script directly, there were two problems with this approach:
- Running a web-server CGI script as root is a massive security risk, and
- Users would require root access to restart the daemons if they made a change to the instance.
To get around these problems I wrote the following script that will automatically execute a script in the user’s home directory with their permissions on system boot. This also allows the user to manually restart the daemons at any time without being a security hazard if they require it, as well as not interfering with daemons of other users. The user init script itself should behave just like a normal one, meaning it should respect the “start”, “stop” and “restart” arguments and not require any user input to execute to completion.
By default the script will search each subdirectory in /home/ non-recursively for a script called .init and then attempt to execute it as the user defined by the subdirectory’s name, i.e. the script /home/bob/.init will be executed as the “bob” user.
```sh
#!/bin/sh
# Run each user's init script as that user, passing on start/stop/restart.

HOMEROOT="/home"
INITFILE=".init"

# Run $HOMEROOT/<name>/$INITFILE as <name> for every home directory.
run_user_scripts() {
    # Glob instead of parsing `ls`, so unusual directory names stay intact.
    for DIR in "$HOMEROOT"/*/; do
        NAME=$(basename "$DIR")
        SCRIPT="$HOMEROOT/$NAME/$INITFILE"
        # Skip homes without an init script or without a matching account.
        [ -f "$SCRIPT" ] || continue
        id -u "$NAME" > /dev/null 2>&1 || continue
        # Run in the background with the user's permissions, not root's.
        sudo -u "$NAME" -- "$SCRIPT" "$1" > /dev/null &
    done
}

case "$1" in
    start)
        printf "Starting user scripts..."
        run_user_scripts start
        echo " Done"
        ;;
    stop)
        printf "Stopping user scripts..."
        run_user_scripts stop
        echo " Done"
        ;;
    restart)
        printf "Restarting user scripts..."
        run_user_scripts restart
        echo " Done"
        ;;
    *)
        echo "Usage: $0 {start|stop|restart}"
        ;;
esac
```
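Because the dispatcher runs as root and trusts the directory name to pick the account, it is worth confirming that each .init really belongs to that user before executing it. The following is an added example, not part of the original script; the function names init_is_safe and list_safe_inits are hypothetical, and it assumes a find that supports the POSIX -user and -perm tests.

```shell
#!/bin/sh
# Added example: ownership and permission checks a root-run dispatcher can
# apply before executing a per-user init script. Names are hypothetical.

# init_is_safe USER SCRIPT
# Succeeds only if SCRIPT is a regular file (not a symlink) owned by USER and
# not writable by group or others, and its directory is a real directory
# owned by USER and not writable by others.
init_is_safe() {
    user=$1
    script=$2
    dir=$(dirname "$script")
    # find does not follow symlinks named on the command line by default,
    # so "-type f" rejects a symlinked init script.
    [ -n "$(find "$script" -prune -type f -user "$user" \
            ! -perm -020 ! -perm -002 -print 2>/dev/null)" ] || return 1
    [ -n "$(find "$dir" -prune -type d -user "$user" \
            ! -perm -002 -print 2>/dev/null)" ] || return 1
    return 0
}

# list_safe_inits HOMEROOT INITFILE
# Prints one directory name per line for each home whose init script passes.
list_safe_inits() {
    for home in "$1"/*/; do
        name=$(basename "$home")
        if init_is_safe "$name" "$1/$name/$2"; then
            printf '%s\n' "$name"
        fi
    done
}
```

In the dispatcher, the check would sit immediately before the sudo call, skipping any home directory for which init_is_safe fails.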