Domoticz runs as root, and pid file for monit

[AllesVanZelf]

If I do "top" I can see that Domoticz runs as root. I do not like that. I want it to run as pi.
Domoticz starts from /etc/init.d/domoticz.sh as described here: wiki.
If I start it via /etc/systemd/system/domoticz.service with the User = pi variable, domoticz runs as pi. That's okay.

But, via domoticz.service it is not possible to define a pid file. like: /var/run/domoticz.pid. And this pid file I need for Monit monitoring as described in: wiki

Is it possible to start and run domoticz as pi, instead of root with the init.d method? Or is it possible to define a pid file for domoticz via /etc/systemd?

[AllesVanZelf]

I just found issue: avoid running as root, actually use --chuid #3172

I tried to add: --chuid $USERNAME to the start-stop-daemon line, like:

Code: Select all

start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
                $DAEMON_ARGS \
                || return 2

But if I restart domotics as :

Code: Select all

 sudo service domoticz restart

I get an pid file error. the pid file is not created then. It should have been placed in : /var/run/domoticz.pid
Can anyone help me with this?

[waaren]

... I get an pid file error. the pid file is not created then. It should have been placed in : /var/run/domoticz.pid

I don't use systemd for domoticz myself yet and still run domoticz as root (And yes I know this not the most secure way of doing it)

There are quite some articles on this issue and they all point to more or less the same direction if you want your domoticz daemon executed by a non root user.
The domoticz pid file should be created in its own directory /var/run/domoticz/domoticz.pid
your daemon user (pi ?) should be given enough access to /var/run/domoticz/
Because /var/run/ is recreated on some systems at boot time these 2 actions need to be repeated before every domoticz start.
Look here for a more detailed description with an example.

Last step for you would then be to change your monit config for the domoticz alive check to look at the domoticz.pid at the new location.

[AllesVanZelf]

Hello Waaren,
Thank you for this answer. It is helping me a little bit further on this.
Systemd or init.d does not really mather to me, as long I am able to run domoticz as user. Pi indead.

I chose systemd now, with domoticz.sh removed from /etc/init.d/
I created: /etc/systemd/system/domoticz.service with a lot of help from internet:

Code: Select all

[Unit]
      Description=domoticz_service
      After=network-online.target
[Service]
      User=pi
      Group=users
      PermissionsStartOnly=true
      WorkingDirectory=/home/pi/domoticz
      ExecStartPre=/usr/bin/install -d -m 0700 -o pi -g users /var/run/domoticz
      ExecStartPre=setcap 'cap_net_bind_service=+ep' /home/pi/domoticz/domoticz
      ExecStart=/home/pi/domoticz/domoticz -www 8090 -sslwww 8095 -pidfile /var/run/domoticz/domoticz.pid
      PIDFILE=/var/run/domoticz/domoticz.pid
      Restart=on-failure
      RestartSec=1m
      #StandardOutput=null
[Install]
      WantedBy=multi-user.target 

Than domoticz runs as pi.
But there is no pid file made. This setting: "-pidfile /var/run/domoticz/domoticz.pid", I got from the domotics.sh script. But that does not seem to work in this ExecStart command. Am I missing something?

[AllesVanZelf]

Yes!, I think I have it working.

I dropped systemd en tried init.d/domotics.sh again.

Code: Select all

 mv /home/pi/domoticz/domoticz.sh /etc/init.d/domoticz.sh
rm -rf /etc/systemd/system/domoticz.service
chown root:root /etc/init.d/domoticz.sh
chmod +x /etc/init.d/domoticz.sh

added:

Code: Select all

#make /var/run/domotics directory for pi
/usr/bin/install -d -m 0700 -o pi -g users /var/run/domoticz &

to /etc/rc.local

edited: /etc/init.d/domoticz.sh

Code: Select all

PIDFILE=/var/run/domoticz/$NAME.pid

removed the # from

Code: Select all

DAEMON_ARGS="-daemon"
DAEMON_ARGS="$DAEMON_ARGS -daemonname $NAME -pidfile $PIDFILE"

added --chuid $USERNAME to the second start-stop-daemon line in /etc/init.d/domoticz.sh (around line 60):

Code: Select all

        start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
                || return 1
        start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
                $DAEMON_ARGS \
                || return 2

top |grep domo

Code: Select all

 4242 pi        20   0  377068  64296  20324 S   0,3  6,8   0:46.15 domoticz                                                                   
 4242 pi        20   0  378092  64296  20324 S   4,9  6,8   0:46.30 domoticz                                                                   
 4242 pi        20   0  378092  64296  20324 S   3,6  6,8   0:46.41 domoticz 

And monit as described in the wiki.

Everything seems to work well. Testing now.

[tybreizh29]

hi
for those who wants here is the service file that creates the pid file

[Unit]
Description=domoticz_service
After=network-online.target
[Service]
User=pi
Group=users
PermissionsStartOnly=true
WorkingDirectory=/home/pi/domoticz
ExecStartPre=/usr/bin/install -d -m 0755 -o pi -g users /var/run/domoticz
ExecStartPre=setcap 'cap_net_bind_service=+ep' /home/pi/domoticz/domoticz
ExecStart=/home/pi/domoticz/domoticz -www 8080 -sslwww 443 -daemon -pidfile /var/run/domoticz/domoticz.pid
PIDFile=/var/run/domoticz/domoticz.pid
Restart=on-failure
RestartSec=1m
#StandardOutput=null
[Install]
WantedBy=multi-user.target