I'm at a loss with rc.local and specific users

[FlyingMongoose]

Okay, so I'm running on CentOS 5.5 (x64) on my VDS.

I have two (17 player) servers, one hlds, one srcds (cs on both though I doubt this is relevant).

I've followed directions for automatically booting on startup, and after some research found how I SHOULD be able to boot up my servers as a particular user via the rc.local file.

Supposedly the following should work:

Code: Select all

su - [b]username[/b] -c "cd /usr/steam/sourcebase/orangebox && screen -AmdS screenname chrt -r 20 ./srcds_run -game cstrike -ip xxx.xxx.xxx.xxx -maxplayers xx"

Obviously replacing username with whatever I decide it would be.

This causes nothing to happen (either on boot or when executing rc.local manually). After more digging I found "runuser" (similar command and is based in su) so I tried this

Code: Select all

runuser - [b]username[/b] -c "cd /usr/steam/sourcebase/orangebox && screen -AmdS screenname chrt -r 20 ./srcds_run -game cstrike -ip xxx.xxx.xxx.xxx -maxplayers xx"

Still the same issue.

Obviously I have two software servers running so that single line could be way longer or I could create a second line with essentially the same code. But ultimately this method does not work at all.

I've been fiddling with this for hours because as we all know; running public services as root is usually a very bad idea. I want to disable root save for specific tasks (like updates, etc.) and I know how to do this; but this is stopping me for now.

[Edge100x]

"chrt" requires root privileges, and "screen" also often won't work for users who don't have root privileges. Try something like this instead, which puts both on the outside:

Code: Select all

screen -AmdS screenname chrt -r 20 su -l username -c "cd /usr/steam/sourcebase/orangebox && ./srcds_run -game cstrike -ip xxx.xxx.xxx.xxx -maxplayers xx"

[FlyingMongoose]

I'll give it a go, thanks.

[FlyingMongoose]

still nothing; running the command manually or reboot; I don't know what's up here; and I've triple checked; no typos.

[Edge100x]

Have you tested with other similar, simpler commands, such as:

Code: Select all

screen -AmdS screenname chrt -r 20 su -l username -c "cd /usr/steam/sourcebase/orangebox && ls && sleep 60"

You could then check "screen -r screenname" to see if it's running as it should.

If even that doesn't work, hack more off until you find the part that's causing the problem.

Code: Select all

screen -AmdS screenname su -l username -c "cd /usr/steam/sourcebase/orangebox && ls && sleep 60"

Code: Select all

screen -AmdS screenname "cd /usr/steam/sourcebase/orangebox && ls && sleep 60"

Code: Select all

su -l username -c "cd /usr/steam/sourcebase/orangebox && ls"

[FlyingMongoose]

It looks like the issue is trying to run "screen" while under su... I have sudoers installed; I'm going to try that route; see what happens. I doubt much will change but it doesn't hurt to try.

[FlyingMongoose]

looks like sudoers doesn't even want to run hlds...I wonder if this could be access right problems...

[FlyingMongoose]

hah; I was right it is an access rights problem; it's giving me a permission denied >.<

*smacks self on forehead"

Still I'll keep updated here.

[Edge100x]

rc.local runs as root, so running screen and chrt on the outside (as in the example that I gave) sidesteps any potential permissions issue. You just need to make sure that the hlds installation has the right permissions to be accessed by "username".

[FlyingMongoose]

Actually the permissions issues were in /usr/steam.

I tried running ./srcds_run under the user in question I wished to run it as and it gave a "permission denied".

This prevented the script from running (even with your first suggestion) as the user applied with su -l (or omit the l, same command).

So after modifying the chmod of the /usr/steam directory (recursively just in case) it worked with your first suggestion.

[Edge100x]

Interesting, ok. I guess their script must try to access /usr/steam, even though it doesn't actually need to.

[FlyingMongoose]

Well from within /usr/steam/sourcebase/orangebox is where I tried to run srcds_run as the user; this is where it gave my initial permission denied; but as I use both hlds and sourcebase I made the (safe) assumption that permissions were applied the same in both sourcebase and hldsbase. so I chmodded /usr/steam recursively; and both hlds and srcds run (using your first suggestion) just fine now; screen on root (granted I'd prefer the screen on the user; but I guess beggers can't be choosers, took long enough to get here anyway). And at least the servers aren't running as root anymore...and I believe I can safely remove root from my ssh config.

[Edge100x]

Nod, sounds like you're all set. You could work on it further to see if you can get the screen inside the user, but that's certainly optional .

[FlyingMongoose]

Just a note, this was preconfigured CentOS 5.5 x64 from your VPS installs with the games pre-install.

So anyone else having the issue this would be the resolution...

[Edge100x]

The same resolution (chmod -R username /usr/steam) should work if this happens with any of our Linux installs. With all of them, I created the /usr/steam folder as "root", and other users aren't given write permissions by default.

I have been meaning to update that guide to use separate users, for security reasons, but I haven't had time yet =\