Re: Troublesome app when scaling it up, how to proceed?
Re: Troublesome app when scaling it up, how to proceed?
- Subject: Re: Troublesome app when scaling it up, how to proceed?
- From: Alastair Houghton <email@hidden>
- Date: Thu, 25 Oct 2007 14:18:09 +0100
On 25 Oct 2007, at 07:39, Gerben Wierda wrote:
For one, my subprocess sometimes have to run in admin mode and I am
using
AuthExecuteWithPrivileges() for that. That function is really broken,
because for processes started like that you cannot get the PID, you
cannote get stderr seperately from stdout (it uses a bidirectional
buffered pipe), you cannot pass an environment. So subprocesses
like these
go via a different route. The main program creates named pipes for
stdin,
stdout and stderr, passing the environment and pid, then starts a
generic
subprocess. This subprocess attaches stdout, stdin and stderr to
the right
named pipes, communicates the pid back, then execs the actual
subprocess
that needs to be run. Reading output from the stderr and stdout named
pipes is done in separate threads of the main program. These programs
communicate to the main thread using DO. Since the PID has been
communicated back, I can kill these subprocesses from within the main
program (which otherwise would have been troublesome as one does
not know
the pid).
On 25 Oct 2007, at 07:44, Gerben Wierda wrote:
I agree, but the md5 example was just an example. I use several other
programs as well and there is not such a library/possibility for all.
Secondly, as some of these processes have to run with privileges, I
need
to use AuthExecuteWithPrivileges() if I do not want to turn my
entire app
into a privileged operation (and I don't as I follow the principle
that
privileged operations should be kept to an absolute minimum).
From reading this thread, it sounds like you may have adopted a
somewhat baroque solution to whatever problem you're actually trying
to solve.
Perhaps a simpler mechanism would be to use AuthExecuteWithPrivileges
() *once* to set the setuid bit on a helper tool that you then
execute in the normal UNIX manner (i.e. fork()/exec() or similar)?
Once the tool is setuid root, you don't need to use
AuthExecuteWithPrivileges() again, even if you need to pass an
authorisation context to it. That would mean you could avoid using
DO, that you can set-up your sub-processes' file handles as you
require, and that you can get their pids as usual for a UNIX program.
As for the problem of running out of resources, it's hard without
actually seeing what your program is doing to know why (or indeed
whether) that's happening. My guess is that the apparent complexity
isn't helping any, though.
Kind regards,
Alastair.
--
http://alastairs-place.net
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden