geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark <>
Subject Re: GBean Last Startup
Date Wed, 27 Apr 2005 16:12:03 GMT
David Jencks wrote:

> On Apr 26, 2005, at 9:06 PM, David Blevins wrote:
>> On Tue, Apr 26, 2005 at 11:16:16PM -0400, Mark wrote:
>>> Hi all,
>>> I have a need to start Geronimo as the root user under Solaris and then
>>> once it’s started switch the effective user of the process to a user
>>> with fewer privileges. Part of the requirement is to allow Geronimo to
>>> startup using ports lower than 1024. Once all the server sockets have
>>> been created the process user can be switched.
>>> Does the Geronimo kernel have the ability to load a GBean last? I am
>>> thinking that I could create a GBean to perform the user switch. If 
>>> this
>>> GBean was started last, then I would know that Tomcat, Jetty, OpenEJB
>>> and other server services would have already initialized their server
>>> sockets.
>>> Alternatively, I could create a GBean that has a collection or 
>>> reference
>>> to other network service GBeans. Once I get this reference, I know the
>>> kernel has loaded the GBeans, but I may not know their status (started,
>>> stopped or waiting). I’ve noticed that in GBeanInstance, there is a
>>> magic attribute to get a GBeans state.
>>> Sound possible or am I way off here?
>> You could take the code from the maven-geronimo-plugin and expand off
>> the waitForStarted goal which is basically just code that blocks till 
>> the
>> configuration you are waiting for starts.
>> -David
> that will work if the code you want to wait is in a different process 
> than the gbean you are waiting for.
> If you want a gbean to start after some others in a single kernel the 
> best way is to have dependencies on them.
> Depending on a configuration does not guarantee that all gbeans in the 
> configuration will have been started: the framework will have tried to 
> start them at least once, but if a contained gbean depends on a 
> non-existent or non-started gbean the configuration will start anyway.
> I'm not exactly sure what you are trying to do here or how you plan to 
> do it.  If you open a socket on a reserved port as root and then 
> change user won't there be a time during which connections will be 
> accepted and code from the accepted request run as root?  Is this a 
> security hole?
> thanks
> david jencks
Correct, there will be time between when the server sockets are created 
and the last GBean is executed that switches the effective user id.    
The difference between Geronimo and what I have is that I can create all 
my server sockets, block them, make the user switch and then allow 
incomming connections.  However, the GBeans running in Geronimo can 
create their own server sockets and start accepting connections when 
they determine they are ready to accept them. 

If I could set a ServerSocket factory for then I 
could at least create the server sockets in a suspended state until the 
OS user switch has occurred.

Its possible that Geronimo could create all instances of ServerSockets 
in the constructor for a GBean and then use the life cycle method 
doStart() to accept the incomming connections.  The user switch could 
happen on the last GBean to be constructed.  I am assuming that the 
kernel would then invoke the doStart().


View raw message