Scenario / Questions
touch: cannot touch `/var/run/test.pid’: Permission denied
I am starting start-stop-daemon and like to write the PID file in /var/run
start-stop-daemon is run as my-program-user
/var/run setting is drwxr-xr-x 9 root root
I like to avoid putting my-program-user in the root group.
Find below all possible solutions or suggestions for the above questions..
By default, you can only write to /var/run as a user with an effective user ID of 0 (ie as root). This is for good reasons, so whatever you do, don’t go and change the permissions of /var/run… Instead, as root, create a directory under /var/run:
# mkdir /var/run/mydaemon
Then change its ownership to the user/group under which you wish to run your process:
# chown myuser:myuser /var/run/mydaemon
Now specify to use /var/run/mydaemon rather than /var/run.
You can always test this by running a test as the user in question.
mkdir /var/run/mydaemon chown myuser:myuser /var/run/mydaemon
this will not work, since it will be lost at the next reboot (
/var/run is a tmpfs on Ubuntu).
The only feasible solution is to run mkdir and chmod as part of the startup scripts.
You can try this. Create a directory /var/run/test/ and then change the permission of this directory to the same user as your program runs. ” chown /var/run/test/” . Now in your application change the location of the PID file to /var/run/test/test.pid. This should get things working for you.
What about using the “sticky” bit on /var/run ?
chmod +t /var/run ?
Probably mess up some other apps, but it seems like it would be another solution.
I’ll stick with creating a separate /var/run folder for now, however.
Entries in the
/etc/permissions are permanent. Make an entry there to make the ownership and permissions for a directory permanent.
To avoid putting your program-user in the root group, allow others write access:
# chmod 757
Disclaimer: This has been sourced from a third party syndicated feed through internet. We are not responsibility or liability for its dependability, trustworthiness, reliability and data of the text. We reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever.