[yocto] best way to use sudo for a long running background process
Davis Roman
davis.roman84 at gmail.com
Fri Mar 16 14:55:49 PDT 2018
hello,
I have a daemon called powermanager running as the non-root user, power.
In /etc/sudoers.d/power, I have the following:
power ALL=(ALL) NOPASSWD: ALL
I know that the above statement essentially gives the powermanager
process root privileges
however, in the future, I'd like to have the option to enforce certain
commands/files not be used, if needed.
My understanding is that the sudoers file would be the place to place
these rules.
( ie: disable ability to open file /dev/foobar )
Therefore on startup, I configured my systemd service file to run as
the power user however I'm trying to figure out which is better:
1. launch this process as 'sudo powermanager'
or
2. launch my process as just 'powermanager' and let the process deal
with invoking sudo when it needs to open files in /dev/
Any feedback would be greatly appreciated.
Thank you,
Davis
More information about the yocto
mailing list