Domoticz runs as root, and pid file for monit

On various Hardware and OS systems: pi / windows / routers / nas, etc

Moderator: leecollings

Post Reply
AllesVanZelf
Posts: 265
Joined: Monday 05 February 2018 8:42
Target OS: Raspberry Pi / ODroid
Domoticz version: 12467
Location: Netherlands, near Haarlem
Contact:

Domoticz runs as root, and pid file for monit

Post by AllesVanZelf »

If I do "top" I can see that Domoticz runs as root. I do not like that. I want it to run as pi.
Domoticz starts from /etc/init.d/domoticz.sh as described here: wiki.
If I start it via /etc/systemd/system/domoticz.service with the User = pi variable, domoticz runs as pi. That's okay.

But, via domoticz.service it is not possible to define a pid file. like: /var/run/domoticz.pid. And this pid file I need for Monit monitoring as described in: wiki

Is it possible to start and run domoticz as pi, instead of root with the init.d method? Or is it possible to define a pid file for domoticz via /etc/systemd?
Domoticz 2020.1 (12230) on Raspberry Pi 3B with Raspian Buster. Besides Domoticz, Rpi is running Pi-Hole.
AllesVanZelf
Posts: 265
Joined: Monday 05 February 2018 8:42
Target OS: Raspberry Pi / ODroid
Domoticz version: 12467
Location: Netherlands, near Haarlem
Contact:

Re: Domoticz runs as root, and pid file for monit

Post by AllesVanZelf »

I just found issue: avoid running as root, actually use --chuid #3172

I tried to add: --chuid $USERNAME to the start-stop-daemon line, like:

Code: Select all

start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
                $DAEMON_ARGS \
                || return 2
But if I restart domotics as :

Code: Select all

 sudo service domoticz restart
I get an pid file error. the pid file is not created then. It should have been placed in : /var/run/domoticz.pid
Can anyone help me with this?
Domoticz 2020.1 (12230) on Raspberry Pi 3B with Raspian Buster. Besides Domoticz, Rpi is running Pi-Hole.
User avatar
waaren
Posts: 6028
Joined: Tuesday 03 January 2017 14:18
Target OS: Linux
Domoticz version: Beta
Location: Netherlands
Contact:

Re: Domoticz runs as root, and pid file for monit

Post by waaren »

AllesVanZelf wrote: Monday 26 August 2019 22:31 ... I get an pid file error. the pid file is not created then. It should have been placed in : /var/run/domoticz.pid
I don't use systemd for domoticz myself yet and still run domoticz as root (And yes I know this not the most secure way of doing it)

There are quite some articles on this issue and they all point to more or less the same direction if you want your domoticz daemon executed by a non root user.
The domoticz pid file should be created in its own directory /var/run/domoticz/domoticz.pid
your daemon user (pi ?) should be given enough access to /var/run/domoticz/
Because /var/run/ is recreated on some systems at boot time these 2 actions need to be repeated before every domoticz start.
Look here for a more detailed description with an example.

Last step for you would then be to change your monit config for the domoticz alive check to look at the domoticz.pid at the new location.
Debian buster, bullseye on RPI-4, Intel NUC.
dz Beta, Z-Wave, RFLink, RFXtrx433e, P1, Youless, Hue, Yeelight, Xiaomi, MQTT
==>> dzVents wiki
AllesVanZelf
Posts: 265
Joined: Monday 05 February 2018 8:42
Target OS: Raspberry Pi / ODroid
Domoticz version: 12467
Location: Netherlands, near Haarlem
Contact:

Re: Domoticz runs as root, and pid file for monit

Post by AllesVanZelf »

Hello Waaren,
Thank you for this answer. It is helping me a little bit further on this.
Systemd or init.d does not really mather to me, as long I am able to run domoticz as user. Pi indead.

I chose systemd now, with domoticz.sh removed from /etc/init.d/
I created: /etc/systemd/system/domoticz.service with a lot of help from internet:

Code: Select all

[Unit]
      Description=domoticz_service
      After=network-online.target
[Service]
      User=pi
      Group=users
      PermissionsStartOnly=true
      WorkingDirectory=/home/pi/domoticz
      ExecStartPre=/usr/bin/install -d -m 0700 -o pi -g users /var/run/domoticz
      ExecStartPre=setcap 'cap_net_bind_service=+ep' /home/pi/domoticz/domoticz
      ExecStart=/home/pi/domoticz/domoticz -www 8090 -sslwww 8095 -pidfile /var/run/domoticz/domoticz.pid
      PIDFILE=/var/run/domoticz/domoticz.pid
      Restart=on-failure
      RestartSec=1m
      #StandardOutput=null
[Install]
      WantedBy=multi-user.target 
Than domoticz runs as pi.
But there is no pid file made. This setting: "-pidfile /var/run/domoticz/domoticz.pid", I got from the domotics.sh script. But that does not seem to work in this ExecStart command. Am I missing something?
Domoticz 2020.1 (12230) on Raspberry Pi 3B with Raspian Buster. Besides Domoticz, Rpi is running Pi-Hole.
AllesVanZelf
Posts: 265
Joined: Monday 05 February 2018 8:42
Target OS: Raspberry Pi / ODroid
Domoticz version: 12467
Location: Netherlands, near Haarlem
Contact:

Re: Domoticz runs as root, and pid file for monit

Post by AllesVanZelf »

Yes!, I think I have it working.

I dropped systemd en tried init.d/domotics.sh again.

Code: Select all

 mv /home/pi/domoticz/domoticz.sh /etc/init.d/domoticz.sh
rm -rf /etc/systemd/system/domoticz.service
chown root:root /etc/init.d/domoticz.sh
chmod +x /etc/init.d/domoticz.sh
added:

Code: Select all

#make /var/run/domotics directory for pi
/usr/bin/install -d -m 0700 -o pi -g users /var/run/domoticz &
to /etc/rc.local

edited: /etc/init.d/domoticz.sh

Code: Select all

PIDFILE=/var/run/domoticz/$NAME.pid
removed the # from

Code: Select all

DAEMON_ARGS="-daemon"
DAEMON_ARGS="$DAEMON_ARGS -daemonname $NAME -pidfile $PIDFILE"
added --chuid $USERNAME to the second start-stop-daemon line in /etc/init.d/domoticz.sh (around line 60):

Code: Select all

        start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
                || return 1
        start-stop-daemon --chuid $USERNAME --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
                $DAEMON_ARGS \
                || return 2
top |grep domo

Code: Select all

 4242 pi        20   0  377068  64296  20324 S   0,3  6,8   0:46.15 domoticz                                                                   
 4242 pi        20   0  378092  64296  20324 S   4,9  6,8   0:46.30 domoticz                                                                   
 4242 pi        20   0  378092  64296  20324 S   3,6  6,8   0:46.41 domoticz 
And monit as described in the wiki.
:D :D :D
Everything seems to work well. Testing now.
Domoticz 2020.1 (12230) on Raspberry Pi 3B with Raspian Buster. Besides Domoticz, Rpi is running Pi-Hole.
tybreizh29
Posts: 3
Joined: Sunday 29 May 2016 12:57
Target OS: -
Domoticz version:
Contact:

Re: Domoticz runs as root, and pid file for monit

Post by tybreizh29 »

hi
for those who wants here is the service file that creates the pid file :)
[Unit]
Description=domoticz_service
After=network-online.target
[Service]
User=pi
Group=users
PermissionsStartOnly=true
WorkingDirectory=/home/pi/domoticz
ExecStartPre=/usr/bin/install -d -m 0755 -o pi -g users /var/run/domoticz
ExecStartPre=setcap 'cap_net_bind_service=+ep' /home/pi/domoticz/domoticz
ExecStart=/home/pi/domoticz/domoticz -www 8080 -sslwww 443 -daemon -pidfile /var/run/domoticz/domoticz.pid
PIDFile=/var/run/domoticz/domoticz.pid
Restart=on-failure
RestartSec=1m
#StandardOutput=null
[Install]
WantedBy=multi-user.target

Post Reply

Who is online

Users browsing this forum: No registered users and 0 guests