I'm downstream and upstream maintainer of a software which consists of
many python modules, which are started individually and are non-root.
Previously, we used /opt, but we'd like to drop this now and use LSB-paths.
But I'm facing problems with the pidfiles, which should be saved under
`/run/name/component.pid`*. But the unprivileged programs can't create
the directory or change permissions, so root must do this. I now see
1) Use /opt/name/ - kind of fishy
2) Use /tmp - Better than the solution above and still simple.
3) Saved them somewhere in /var/lib/name, which is writable to the users.
4) Start all components as root, create /run/name if needed and then
drop privileges. Has unnecessary complexity in the software, which I'd
like to avoid
5) Allow the programs to create the directory /run/name via sudoers
Are there other possibilites or best practices? Does systemd has a
solution here? Note that units need the pidfiles, not services. I know
that systemd can handle the pidfile of the latter. But then I'd again
need root to create it.
Any ideas are appreciated,
* as far as I understand non-existing guidelines. But it seems to be
handled so by other progams. Some hints that this should be done, can be
python programming - mail server - photo - video - https://sebix.at
cryptographic key at https://sebix.at/DC9B463B.asc
and on public keyservers