search

jaysoffian / eap_proxy

Proxy EAP packets between interfaces on Linux devices such as the Ubiquiti Networks EdgeRouter™ and UniFi® Security Gateway.
BSD 3-Clause "New" or "Revised" License
562 stars 88 forks source link

Add support for dropping root privileges and exiting immediately if there's an unhandled exception #22

Closed tobiasmcnulty closed 5 years ago

tobiasmcnulty commented 5 years ago

I wanted the ability to drop root privileges after opening the sockets. This assumes one can run eap_proxy.py via an external service like supervisord that supports restarting in the event the program exits.

This PR adds a couple options to support this use case.

Sample supervisord config (place in /etc/supervisor/conf.d/eap_proxy.conf):

[program:eap_proxy]
command=/usr/bin/python2 /root/eap_proxy.py --drop-root eth0 eth2
autostart=true
startretries=100
stdout_syslog=true
stderr_syslog=true
jaysoffian commented 5 years ago

@tobiasmcnulty I added a --run-as USER[:GROUP] option and made exiting immediately the default when not run with --daemon. Let me know if this works for you.

tobiasmcnulty commented 5 years ago

@jaysoffian Much better and confirming that works -- thanks!