On Fri, Oct 16, 2009 at 12:30 PM, Nicolas Williams <Nicolas.Williams at sun.com> wrote: > On Fri, Oct 16, 2009 at 03:31:00PM +0200, Petr Sumbera wrote: >> Danek Duvall napsal(a): >> >There's no way to get tomcat to start as root and setuid to webservd and/or >> >drop all unnecessary privileges? ?Perhaps have the start method do the >> >work? ?If not, then yeah, this is fine. >> >> Currently Tomcat SMF manifest takes care of setting 'webservd' >> credentials and adding extra privilege 'net_privaddr'. >> >> I think it's not possible to do this later in start method. I mean to >> combine 'su' command with 'ppriv'. > > Don't use su(1M) -- SMF does not "login" services to their > method_context users, which su(1M) would do for you here, rather > inappropriately. > > Use pcred(1) and ppriv(1). ?Or better yet, keep things the way they are, > don't bother with the PID file, modify the PID file consumers to use SMF > interfaces to find the service process contract and its members' PIDs.
As this case appears to be closed, with the official +1 and all that, I just want to make sure I understand what the message here is for future teams. With this case, it appears that is acceptable for teams (internal or not) to use the PID file process-locating interface instead of SMF's contracts, /*even when using SMF as the agent to run the service*/. Furthermore, it is acceptable for these PID files to be put in arbitrary locations, or at least locations relatively local to other project artifacts (instead of, say, a single common system-wide location).