init script for stubby

nahkhiirmees · 2022-10-24 20:45:01

Couple months ago i tried dnsmasq and stubby. During that time i noticed that there's no init script for stubby so i wrote one:

#!/bin/sh

### BEGIN INIT INFO
# Provides: stubby
# Required-Start: $network $remote_fs $syslog
# Required-Stop:  $network $remote_fs $syslog
# Default-Start:  2 3 4 5
# Default-Stop:   0 1 6
# Description: a dns resolver
### END INIT INFO

#. /lib/lsb/init-functions

case "$1" in
  start)
	touch /run/stubby.pid
	chmod 600 /run/stubby.pid
	chown stubby:65534 /run/stubby.pid
	sudo -u stubby stubby -g
	;;
 stop)
	killall stubby
        ;;
  *)
        echo "Usage: $SCRIPTNAME start" >&2
        exit 3
        ;;
esac

pretty obvious stuff. The #BEGIN ... #END - parts i copied from dnsmasq's init file or some other file and changed a few rows.
How about adding something like this in the stubby package?

Head_on_a_Stick · 2022-10-24 20:54:14

sudo shouldn't be used in init scripts. There are other issues.

For a better version (along with postinst, prerm & postrm scripts) see https://bugs.debian.org/cgi-bin/bugrepo … ug=1008931.

Related: https://dev1galaxy.org/viewtopic.php?id=4865 ← that shows how to generate an init script from the supplied /lib/systemd/system/stubby.service unit file.

nahkhiirmees · 2024-06-01 00:25:03

Is the problem with sudo just that "you're not supposed to do thing that way". Or are there security problems involved?

GlennW · 2024-06-03 03:33:32

Hi, in case you are waiting for HoaS to reply, he hasn't been on these forums for a while.

nahkhiirmees · 2024-06-03 14:38:18

Did some research, found these links:

https://stackoverflow.com/questions/179 … nit-script

https://bitmingw.com/2017/01/22/use-sudo-in-scripts/

So, if sudo is not the recommended command, deamon/runuser/whatever_passes_for_those_in_Devuan_today is ok?

I'm considering whether i should convert that service-file(?id=4865) or not?

GlennW · 2024-06-03 22:46:41

I don't use sudo, you might be better off starting a new thread with your question. All the best.

EDX-0 · 2024-06-04 21:54:33

sudo should not be used on init scripts, not directly because of security, but it is assumed not every system may had sudo installed as a minimal install with a root account and password will only have su and require running su to change into the root account to perform all administrative tasks.

that aside in a proper initscript the variable RUN_AS_USER is defined, usually as RUN_AS_USER=root for daemons intended to be ran by the root user, for daemons that need to be ran under a specific user the variable is defined with the intended user.

accordingly the start-stop-daemon program will be used to guarantee correct behaviour, ie check for initialization of instance and creation of the pid file.

an example standar use of start-stop-daemon would be as follows:

start-stop-daemon -S --pidfile ${PIDFILE} --make-pidfile --background \
            --chuid ${RUN_AS_USER} --startas ${DAEMON} -- ${DAEMON_ARGS}

as for the options straight from the manual:

-S, --start [--] arguments
           Check  for  the existence of a specified process.  If such a process exists, start-stop-daemon does nothing, and exits with error status 1 (0 if --oknodo is specified).  If such a process does not exist, it
           starts an instance, using either the executable specified by --exec or, if specified, by --startas.  Any arguments given after -- on the command line are passed unmodified to the program being started.

the flags and the vars passed should be descriptive enough and those are expected to be defined earlier on the initscript.

as for --background it is used with prgrams that will not fork to background by themselves.

if you want an okay example of a proper initscript file for an arbitrary daemon check https://github.com/eylles/afreq.sh
the file acpufreq.is is the definition of the initscrip, mind you that when you write initscript files not every daemon will support options like reloading the configuration so the route that many initscripts take is to just have the restart idiom also match reload and force-reload like so:

    restart|reload|force-reload)
        $0 stop && sleep 3 && $0 start
        ;;

nahkhiirmees · 2024-06-05 22:57:00

Found already the manpage of start-stop-deamon . Planning to rewrite that "stubby-script" when i get tired of solving the gray_screen_problem.

Last edited by nahkhiirmees (2024-06-05 22:57:35)

tux2bsd · 2024-06-25 09:43:09

#!/bin/sh

### BEGIN INIT INFO
# Provides: stubby
# Required-Start: $network $remote_fs $syslog
# Required-Stop:  $network $remote_fs $syslog
# Default-Start:  2 3 4 5
# Default-Stop:   0 1 6
# Description: a dns resolver
### END INIT INFO

#. /lib/lsb/init-functions

case "$1" in
  start)
	test -f /run/stubby.pid || install -o stubby -g stubby -m 600 /dev/null /run/stubby.pid
	su - stubby -c "stubby &"
	;;
 stop)
	killall stubby
	rm /run/stubby.pid
        ;;
  *)
        echo "Usage: $SCRIPTNAME start" >&2
        exit 3
        ;;
esac

This should work OK. Untested, I don't have stubby installed. Main goal is get rid of sudo for you.

If the stubby program writes to the PID fill it could be used to kill with instead.

Last edited by tux2bsd (2024-06-25 09:48:40)

The officially official Devuan Forum!

#1 2022-10-24 20:45:01

init script for stubby

#2 2022-10-24 20:54:14

Re: init script for stubby

#3 2024-06-01 00:25:03

Re: init script for stubby

#4 2024-06-03 03:33:32

Re: init script for stubby

#5 2024-06-03 14:38:18

Re: init script for stubby

#6 2024-06-03 22:46:41

Re: init script for stubby

#7 2024-06-04 21:54:33

Re: init script for stubby

#8 2024-06-05 22:57:00

Re: init script for stubby

#9 2024-06-25 09:43:09

Re: init script for stubby

Board footer