
Re: [HTCondor-users] OT Re: Solved: Re: centos 7 problem



On 4/6/15 3:23 PM, Dimitri Maziuk wrote:
> It's unix, everything is about files. Daemon running as foo:bar cannot

That's only half right. The other half is processes.

> create its transient state files in /run owned by root:root mode 755. X

The only things that go in /var/run are PID files for system processes
and directories for system processes that need multiple PID files. This
has been part of the Linux file system standards for over 10 years.
Other transient data goes in either /tmp or /var/tmp. The difference is
that files in /tmp are not guaranteed to survive reboot (wiping /tmp
after reboot is recommended) while files in /var/tmp must survive reboot
(retention is mandatory).

http://www.pathname.com/fhs/pub/fhs-2.3.html

So it is in fact correct that a daemon running as foo:bar can't write to
/var/run. Only the daemon's init script or its own privileged startup
code is permitted to do that.

> has been using /tmp since always, I've never seen a /var/run/X11. I
> wonder why.

Simple: /var/run is for system processes. X11 processes are user processes.

-- 
Rich Pieri <ratinox@xxxxxxx>
MIT Laboratory for Nuclear Science
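
The arrangement described in the message above, as an added example that is not part of the original post: privileged startup code creates a per-daemon directory under the runtime directory and hands it to the daemon's account, so the top-level directory can stay root:root mode 755. The function names, the `foo`/`bar` account and the refusal of symlinks are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. The foo:bar account and both
# function names are hypothetical.

# prepare_rundir RUN_BASE NAME OWNER GROUP
# Run from the init script (privileged). Creates RUN_BASE/NAME, mode 0755,
# owned by OWNER:GROUP, and leaves RUN_BASE itself untouched.
prepare_rundir() {
    run_base=$1; name=$2; owner=$3; group=$4
    # NAME must be a single path component so it cannot escape RUN_BASE.
    case "$name" in
        ''|.|..|*/*) echo "prepare_rundir: bad name '$name'" >&2; return 2 ;;
    esac
    dir="$run_base/$name"
    # Refuse a symlink or non-directory already at that path: chown would
    # otherwise follow a symlink to somewhere unintended.
    if [ -L "$dir" ] || { [ -e "$dir" ] && [ ! -d "$dir" ]; }; then
        echo "prepare_rundir: $dir exists and is not a directory" >&2
        return 3
    fi
    [ -d "$dir" ] || mkdir -m 0755 "$dir" || return 1
    chown "$owner:$group" "$dir" || return 1
    chmod 0755 "$dir" || return 1
}

# write_pidfile DIR NAME PID
# Run by the daemon after it has dropped to OWNER:GROUP. Writes
# DIR/NAME.pid through a temporary file and a rename, so a reader never
# sees a partially written PID.
write_pidfile() {
    pid_dir=$1; pid_name=$2; pid=$3
    tmp="$pid_dir/.$pid_name.pid.$$"
    printf '%s\n' "$pid" > "$tmp" || return 1
    chmod 0644 "$tmp" || return 1
    mv -f "$tmp" "$pid_dir/$pid_name.pid"
}

# In the init script (as root):
#   prepare_rundir /var/run foo foo bar
# In the daemon, running as foo:bar:
#   write_pidfile /var/run/foo foo "$$"
```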