I have a daemon process running on a server that needs access to an environment variable that specifies file path information (e.g. MYPATH=/a/b/c). I know how to specify this in my .bashrc file to give me access while I'm on the interactive shell, but unclear how to make sure a value accessible to a daemon process that's running as root.
In short, my question is: How do I set an environment variable that can be accessible by a daemon process running as root?
Write a script - like
#!/bin/sh
export MY_VAR="some value"
exec /path/to/daemon
Put it in /etc/rc.X to use this script.
See the manual page for that (and read what does the numbers mean in /etc/rcX.d?)
Related
I am trying to run a remote script through a script in my host environment from the ExecuteProcess processor in NiFi. Basically, the shell script in the host server has the ssh string calling the remote server and then calling the script in that remote server. I used sshpass package where I saved the password in an environment variable(SSHPASS) and passed that in the ssh string.For more info on sshpass, https://linux.die.net/man/1/sshpass . The host script content is as follows:
sshpass -e ssh user#host sh /path-to-script
When I passed the host script path to the command property of the ExecuteProcess processor, the result of the processor showed that it didn't login to the remote server. So, after some debugging, I created a user defined property in the processor that specified the environment variable SSHPASS and its value which is the password of the remote server and then it worked.
I exported the password as an environment variable so that I don't have to pass it as cleartext in the first place. Is there any workaround where I don't have to specify the environment variable value ? Any suggestions on any other method to connect to the remote server and call the script is welcome too.
Have you tried using the -f or -d options for sshpass? They allow you to read the password from a file or file descriptor respectively. This way you can use OS-level access controls to restrict access to the file rather than having the password in an environment variable which other users or processes may be able to access.
I can investigate further why the executed process apparently did not have access to the environment variable value if those options are not sufficient.
I run T-Plan robot which connects to my windows machine and executes some script.
On successful execution of script,I export the generated xml file via pscp to my linux machine.
T-paln robot acts as a 3rd party freeware to pass some command via cmd on windows machine.
This takes place by running a simple batch file on t-plan robot.However,the script which sends out command to windows disconnects itself based on some explicitly declaring timeout seconds.
I want to write a tcl code which launches this application on linux machine and once the command has generated a successful outcome as xml file and is received on linux machine,it should check whether the xml file exists on the specified directory and terminates the application right at that moment.I want this because the next code section would parse this received xml report and perform other actions.
I think there should be some class in tcl which kills the process/service on any environment ,here I need to perform that in linux.
Sincerely waiting for reply .Thanks in advance
To kill a process on the same Linux machine, provided you've got permission to do so (i.e., you're running as the same user), you do either:
package require Tclx
kill $processId
Or:
exec kill $processId
(The former doesn't require an external command — it does the syscall directly — but the second doesn't need the Tclx pacakge.)
Both of these require the process ID.
To test if a file exists, use file exists like this:
if {[file exists $theFilename]} {
puts "Woohoo! $theFilename is there!"
}
To kill something on a remote machine, you need to send a command to run to that machine. Perhaps like:
exec ssh $remoteMachine kill $remotePID
Getting the $remotePID can be “interesting” and may require some considerable thought in your whole system design. If calling from Windows to Linux, replace ssh with plink. If going the other way, you're talking about doing:
exec ssh $remoteMachine taskkill /PID $remotePID
This can get very complicated, and I'm not sure if the approach you're taking right now is the right one.
I can't add /usr/local/bin to the apache users PATH variable. The user doesn't have a .profile, I can't su to the user, I can't export to the PATH from php using exec and adding
SetEnv PATH /usr/local/bin
To either the http.conf or the .htaccess file doesn't make a difference. I can't find the envvars file to change that but I suspect there's some other problem.
I have restarted apache, and indeed my server.
Ended up following what Alfe suggested in his answer, except rather than in the /etc/init.d/httpd file (which could be overwritten easily on update) I added to /etc/sysconfig/httpd:
export PATH=${PATH:+$PATH:}/usr/local/bin
Have a look at the /etc/passwd to see which login shell the apache user has (on EC2 Ubuntu instances it should be /bin/sh which is a link to /bin/dash). Then have a look at the man page of that shell and find out which configuration files are read upon login. (For /bin/dash that would be .login in the user's home directory.) In those you should be able to extend your $PATH as you like.
EDIT:
Since you seem to have no login shell for that user: Have a look at the /etc/init.d/* scripts which start the system services. Apache will be one of them. They are started as root and may change the current user (e. g. to the apache user). In there you might be able to adjust the PATH as you like it.
Patching those scripts, however, is not considered typical configuration. Updates might overwrite what ever you patch there.
I am currently writing an admin page for my webserver, to make it easier on myself to create new apache domains from my browser. Everything is pretty much working as I want it to, except for one thing.
To elaborate: I have a cron job on my server running a bash script as root that checks a file containing a list of domain names that I want to be created. If the file contains a domain name, it automatically creates a new virtual host for this domain, edits my hosts file, and restarts the server. This all works perfectly, however what I would like for the script to do, is that it activates the domain that it automatically creates before it restarts the server. I tried doing this using apache 2's a2ensite command, however the script returns an error saying the command is not found.
Is there a way to call this command from a bash script, or is there an alternative to this command that I can call?
Any help would be greatly appreciated.
$ which a2ensite
/usr/sbin/a2ensite
Usually, cron has a quite restrictive $PATH, not including /usr/sbin or /sbin, which are system binaries (for use by root). It's always a good idea to use fully qualified path names. So either call /usr/bin/a2ensite in your script, or define a variable:
A2ENSITE=/usr/sbin/a2ensite
...
${A2ENSITE} new-domain.com
I'm currently writing a script to set some PATH in a remote machine using ssh. I have successfully set the variables in the .bashrc. However, it the last step of my script is "source .bashrc". However, when i ssh to the machine manually, the PATH is still not set. What is the problem?
If on computer A, you set PATH with a script run via ssh on computer B, in a script, and then log in to computer B again, PATH will go back to what it was initially. The computer doesn't remember the value of PATH between processes, and it doesn't share it. PATH is an environment variable which is specific to each process. If you use
export PATH
then it will be inherited by child processes, but here your second login session is not a child process of the first one.