MON

SYNOPSIS

	mon [-d] [-u user] [-r req] command argument ...

DESCRIPTION

You should not run httpd as privileged user such as glenda for safty.
And it is recommended you don't run httpd as user none under multiple users environment. Otherwise it is difficult (or impossible) to keep your files from some ones mischief. This is true not only to Pegasus but also to all httpd.

Mon is a program to run given command as given user. It is supposed the command is a long living one such as httpd. Then, mon monitors execution of the command. If the command exits by some reasons, mon automatically rerun it.
(for safty mon does not rerun it if the command exits within 5 seconds.)

The following conditions are required so that mon can create a process owned by user web:

Mon must be executed by host owner.
user web must be registered in /adm/users.
you must not assign password to user web.
the host owner must be assigned as hostid in /lib/ndb/auth.

Command Options

-d: run as a daemon
-u user: run as user "user". If mon is combined with Pegasus the "web" is recommended as the "user". If "user" is "." mon runs as the uid who invoked mon. Without this option, mon runs as user "none".
-r req: factotum format of X.509 certificate signing request

Invocation

Mine is:

b=/usr/local/bin/$objtype
$b/mon -du web $b/httpd -uM
c=/sys/lib/tls/cert
r=/sys/lib/tls/key
$b/mon -du web -r $r $b/httpd -uM -p443 -c $c

Note

Mon terminates if the command exits in 5 seconds; this is a protection in case of error exits of invoked command.
If you want to terminate mon, send "kill note" to the mon.

LOCATION

	/usr/local/bin/$objtype/mon

RELATED FILES

Mon makes logs in /sys/log/mon.

BUGS

Not known.