On Ubuntu:
touch: cannot touch `/var/run/test.pid': Permission denied
I am starting start-stop-daemon and would like to write the PID file in /var/run. start-stop-daemon is run as my-program-user.
/var/run setting is drwxr-xr-x 9 root root
I would like to avoid putting my-program-user in the root group.
By default, you can only write to /var/run as a user with an effective user ID of 0 (i.e. as root). This is for good reasons, so whatever you do, don't go and change the permissions of /var/run... Instead, as root, create a directory under /var/run:
# mkdir /var/run/mydaemon
Then change its ownership to the user/group under which you wish to run your process:
# chown myuser:myuser /var/run/mydaemon
Now specify to use /var/run/mydaemon rather than /var/run.
You can always test this by running a test as the user in question.
This will not work, since it will be lost at the next reboot (/var/run is a tmpfs on Ubuntu). The only feasible solution is to run mkdir and chmod as part of the startup scripts.
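The boot-time recreation discussed in the answer and comment above, as an added example that is not part of the original posts: a helper an init script could call before start-stop-daemon. The function names ensure_rundir and rundir_ok are hypothetical, mydaemon/myuser are the placeholder names from the answer, and GNU install and stat (as shipped on Ubuntu) are assumed.

```shell
#!/bin/sh
# Added example: /var/run is a tmpfs, so the per-daemon directory has to be
# recreated on every start, before the daemon drops to its own user.

# ensure_rundir DIR OWNER GROUP
# Creates DIR with mode 0755 owned by OWNER:GROUP. Needs root when OWNER is
# not the calling user. Refuses symlinks and non-directories so a path that
# someone else planted is never chown'ed to the service user.
ensure_rundir() {
    dir=$1 owner=$2 group=$3
    if [ -L "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi
    if [ -e "$dir" ] && [ ! -d "$dir" ]; then
        echo "refusing: $dir exists and is not a directory" >&2
        return 1
    fi
    # install -d creates the directory and sets owner, group and mode in one step.
    install -d -m 0755 -o "$owner" -g "$group" "$dir"
}

# rundir_ok DIR UID
# Succeeds only if DIR is a real directory owned by numeric UID and is not
# writable by group or others (a PID file directory other users can write to
# lets them replace the PID that stop scripts will later signal).
rundir_ok() {
    dir=$1 uid=$2
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    set -- $(stat -c '%u %a' "$dir")    # prints e.g. "1001 755"
    [ "$1" = "$uid" ] || return 1
    perms=$2
    # 022 is the group-write and other-write bits; both must be clear.
    [ $(( 0$perms & 022 )) -eq 0 ]
}

# Usage in an init script, run as root (placeholder names):
#   ensure_rundir /var/run/mydaemon myuser myuser || exit 1
#   rundir_ok /var/run/mydaemon "$(id -u myuser)" || exit 1
#   start-stop-daemon --start --chuid myuser \
#       --pidfile /var/run/mydaemon/mydaemon.pid ...
```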
You can try this. Create a directory /var/run/test/ and then change the permission of this directory to the same user as your program runs: "chown /var/run/test/". Now in your application change the location of the PID file to /var/run/test/test.pid. This should get things working for you.
What about using the "sticky" bit on /var/run?
chmod +t /var/run ?
Probably mess up some other apps, but it seems like it would be another solution.
I'll stick with creating a separate /var/run folder for now, however.
Entries in /etc/permissions are permanent. Make an entry there to make the ownership and permissions for a directory permanent. To avoid putting your program-user in the root group, allow others write access: