[Twisted-Python] doWrite on twisted.internet.tcp.Port
Barry Scott
barry.scott at forcepoint.com
Wed Sep 16 02:10:21 MDT 2020
On Tuesday, 15 September 2020 19:37:41 BST Glyph wrote:
> > On Sep 15, 2020, at 10:05 AM, Barry Scott <barry.scott at forcepoint.com> wrote:
> >
> > We do this so that we can open priv'ed ports that the children will share.
> > We drop priv's after the priv'ed ports are opened.
>
> A better way to do this might be to use something like the systemd activation endpoint, so you never need privileges in your code in the first place:
>
> https://twistedmatrix.com/documents/current/core/howto/systemd.html#socket-activation <https://twistedmatrix.com/documents/current/core/howto/systemd.html#socket-activation>
Yep, but at the moment I'm on Centos 6 (no systemd) porting to Centos 8 at the moment.
I'm not sure socket activation is the way forward, but there are a lot of other tricks in systemd that should help.
Also there is the idea to pass the prived FD's over sockets into the non priv'ed code etc.
Barry
More information about the Twisted-Python
mailing list