[Live-devel] How to execute openRTSP by an user without sudo permissions
Warren Young
wyml at etr-usa.com
Fri Dec 11 11:31:47 PST 2015
On Dec 11, 2015, at 4:08 AM, Christiano Belli <christiano.belli at snitch.com.br> wrote:
>
> I want to kill and start openRTSP from a Perl script that owns the user www-data.
Let’s be clear here: the Perl script does not “own” www-data. Your script may be running under that user’s permissions, but it is the OS that owns the user.
The distinction matters because you must deal with the OS’s restrictions.
> When my perl script executes the same command through exec(), but without sudo permissions, I get videos that VLC can't open.
I’m betting that you are running into an SELinux or AppArmor restriction. Under such MAC systems, user www-data is purposely disallowed from writing files outside regular HTTP locations:
http://ubuntuforums.org/showthread.php?t=1324128
This is not a Live555 problem, it’s an OS misconfiguration problem.
Instead of trying to beat AppArmor/SELinux into submission, I recommend that you move the bulk of your Perl script to a daemon (which may itself be a Perl script) which the original Perl script sends a message to when it gets a web request that needs to start openRTSP.
You are spoiled for choice when it comes to ways to pass that message:
http://perldoc.perl.org/perlipc.html
http://search.cpan.org/search?query=ipc&mode=all
https://metacpan.org/search?q=ipc&search_type=modules
All of this is off-topic here, so if you need further help, take it up on a Perl, Apache, Ubuntu, etc. forum. No change to openRTSP can reasonably be expected to fix this class of problem.
More information about the live-devel
mailing list