Starting tracd without Root Privileges at Startup

I use Trac for the Open Yahtzee website. I’ve decided to use tracd for serving the requests (due to a configuration issue I didn’t want to mess with), which required starting it each time the server restarts. I’ve already written one solution for it, in the form of an init.d script for tracd. However, it bothered me that the tracd runs with root privileges which it doesn’t really requires.

After searching a bit I’ve found out that cron can run tasks on startup using the special @reboot keyword instead of the normal time fields. So edit your crontab and add the following line:

@reboot /usr/bin/tracd --daemonize --pidfile=~/run/tracd.pid --port=PORT --hostname=HOSTNAME -s TRAC_ENV

Just replace PORT, HOSTNAME and TRAC_ENV with the appropriate values for your environment, and make sure you got a run/ sub-directory in your home folder (or change the pidfile value).

To stop the server just do:

kill `cat ~/run/tracd.pid`

While there is no straight way to restart the server (like /etc/init.d/tracd restart), it’s a good compromise for dropping root privileges.

6 thoughts on “Starting tracd without Root Privileges at Startup

  1. Dunn

    Guy Rutenberg,
    Thanks so much for taking the time to write articles like these are so useful for all of us.

    Great help! Thanks again!
    Dunn.

  2. Joao Antunes

    Hi! Thanks for the script it was really helpful

    Anyway, the compliment is not the only point. Regarding my previous comment, you can easily modify the script to run tracd as another user without having to use crontab. Actually, like I suggested on my previous kinda retoric comment (as I didn’t gave you enough time to actually reply to it) you can attain the desired effect by doing the following changes in the script:

    –start
    if ! $SSD –start –quiet\
    –pidfile $PIDFILE –exec $DAEMON –chuid www-data:www-data — $DAEMON_OPTS ; then

    –end
    Also the $PIDFILE location needs to be writable by the user/group parsed in –chuid, so I changed it to /tmp

    an even better way would be to pass the www-data:www-data (userid:groupid) as an argument on the script or a declaration on the /etc/defaults that would be sourced by the script.

    Cheers!

    And again, thanks for the contribution

  3. Wolverine

    Thanks for your article. It was really helpful.

    I don’t know if it’s unique for my Linux distribution (ClearOS) but when I used –pidfile=~/run/tracd.pid as you suggested the daemon didn’t start and didn’t give any error messages to indicate whats wrong.

    Changing the syntax to –pidfile=$HOME/run/tracd.pid solved the issue for me.

  4. Ali Nikneshan

    Hi
    I use this command:
    su – trac -c ‘tracd -d -s –port 9000 –pidfile=/opt/trac/run.pid /opt/trac/root/’

    also add a @reboot to trac user crontab 🙂
    Ali

Leave a Reply

Your email address will not be published. Required fields are marked *