Forum OpenACS Q&A: Re: inittab and daemontools in Install Documentation

Posted by Oscar Bonilla on
I've used both the inittab and daemontools approaches, and I like daemontools better. I ported the restart-aolserver Perl script from inittab style to daemontools style. Maybe that would be useful (the script is at the bottom).

The permission problem Peter talks about does not depend on how AOLServer was started (inittab or daemontools) but on the user it's running as. My guess is that at ArsDigita they ran AOLServer as root (bad!) and at Collaboraid they ran it as a regular user. I'm only guessing here since ArsDigita had documentation on how to run it in a chroot environment (which I did once, but it was more painful than useful). One last thing, "init q" requires root privileges, restarts init (unnecessary), and is also used for changing run-levels. If you setuid root init you're asking for trouble. On the other hand, "svc" does only one thing (restarts services) and even though it requires root privileges it isn't as dangerous or prone to misuse as init. If you use the restart-aolserver script setuid root you limit the damage a regular user can do.

Daemontools is *very* simple to install and it comes as a package in most operating systems; in fact, it *works* in all operating systems. Inittab is a System V-specific feature which is not available in the BSDs. I think the more generic approach is the daemontools approach.

Anyway, after all the blurb, here's the script:

---- cut here ----
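#!/usr/bin/suidperl -Tw

use strict;
use POSIX qw(strftime);

my $LOGFILE = "/var/log/restart-aolserver.log";

# Taint mode: empty the PATH and drop variables a shell could act on.
$ENV{'PATH'} = "";
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

if ($#ARGV < 0) {
        print "usage: restart-aolserver <service_name>\n";
        exit(1);
}

# Untaint the service name. It must be a single path component (no "/",
# no leading "."), so it cannot point outside /service/web-*.
my ($service) = $ARGV[0] =~ /^([A-Za-z0-9_-][A-Za-z0-9_.-]*)\z/;
if ( !defined $service || ! -d "/service/web-$service" ) {
        print "$ARGV[0]: service does not exist\n";
        exit(1);
}

# $< is the real uid: the user who invoked the setuid script.
my $user = (getpwuid($<))[0];
my $timestamp = strftime "%Y-%m-%d %H:%M:%S", localtime;

open(my $log, '>>', $LOGFILE) || die "Could not open LogFile";
print $log $timestamp, "\t", $user, " restarted ", $service, "\n";
close($log);

print "restarting $service...";
# List form of system(): svc is executed directly, no shell is involved.
system("/usr/local/bin/svc", "-t", "/service/web-$service") == 0
        or die "svc failed\n";
print "done.\n";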
---- cut here ----

Regards.
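
An added example, not part of Oscar Bonilla's post and not OpenACS code: the same single-purpose setuid wrapper written in C, where there is no taint mode and the service-name check has to be explicit. The `/service/web-<name>` layout and the `svc` path come from the script above; the allowed characters and the 64-character limit are assumptions.

```c
/* Added example: single-purpose setuid-root wrapper around "svc -t".
 * Paths come from the post; the name rule and length limit are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define SVC_BIN     "/usr/local/bin/svc"  /* path used in the post */
#define SERVICE_FMT "/service/web-%s"     /* layout used in the post */

/* One path component only: [A-Za-z0-9_.-], 1..64 chars, no leading '.'. */
int valid_service_name(const char *name)
{
    size_t len = name ? strlen(name) : 0;
    if (len == 0 || len > 64 || name[0] == '.')
        return 0;
    for (size_t i = 0; i < len; i++)
        if (!isalnum((unsigned char)name[i]) && !strchr("_.-", name[i]))
            return 0;
    return 1;
}

/* Build the service directory path; 0 on success, -1 if the name is rejected. */
int service_path(const char *name, char *out, size_t outlen)
{
    if (!valid_service_name(name))
        return -1;
    int n = snprintf(out, outlen, SERVICE_FMT, name);
    return (n > 0 && (size_t)n < outlen) ? 0 : -1;
}

int main(int argc, char **argv)
{
    char dir[128];
    struct stat st;
    char *const empty_env[] = { NULL };
    if (argc != 2 || service_path(argv[1], dir, sizeof dir) != 0) {
        fprintf(stderr, "usage: restart-aolserver <service_name>\n");
        return 1;
    }
    if (stat(dir, &st) != 0 || !S_ISDIR(st.st_mode)) {
        fprintf(stderr, "%s: service does not exist\n", argv[1]);
        return 1;
    }
    char *const args[] = { SVC_BIN, "-t", dir, NULL };
    execve(SVC_BIN, args, empty_env);  /* empty env: nothing inherited from caller */
    perror("execve");
    return 1;
}
```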