I'm trying to set up a Sage Cell Server (an open source mathematical engine) running as an unprivileged user. I've created the unprivileged user sagecell to do the job. It is installed correctly and, if I run it normally using
sagecell@primary-server:~/sage/devel/sagecell$ ../../sage web_server.py
then everything works as expected. An interesting requirement of this application (that may or may not be relevant) is that it requires a passwordless ssh login (i.e., ssh localhost works). I've set up the unprivileged account with an ssh-key to do the job.
Now, rather than manually making a screen session after booting up the server and running it in a screen session, I tried making an upstart job with this setup:
description "Sage Cell Server Starter"
start on runlevel [2345]
stop on starting rc runlevel=[016]
kill timeout 5
exec su -s /bin/sh -c 'exec "$0" "$@"' sagecell -- /home/sagecell/sage/sage /home/sagecell/sage/devel/sagecell/web_server.py
This, however, does not work. Looking at /var/log/upstart/sagecell.log gives the following error:
2013-02-20 00:11:09,665 sagecell:INFO starting tornado web server
Traceback (most recent call last):
File "/home/sagecell/sage/devel/sagecell/web_server.py", line 78, in <module>
application = SageCellServer()
File "/home/sagecell/sage/devel/sagecell/web_server.py", line 57, in __init__
kernel_timeout=kernel_timeout)
File "/home/sagecell/sage-5.7.rc0/devel/sagecell-main/trusted_kernel_manager.py", line 28, in __init__
self._sender = sender.AsyncSender() # Manages asynchronous communication
File "/home/sagecell/sage-5.7.rc0/devel/sagecell-main/sender.py", line 22, in __init__
self.router.bind(self.filename)
File "socket.pyx", line 489, in zmq.core.socket.Socket.bind (zmq/core/socket.c:4797)
zmq.core.error.ZMQError: Permission denied
EDIT: It should be noted that the application binds to port 8080 (and only 8080 as far as I'm aware). The important thing is that it works without privileges when I run it but not when Upstart runs it as the same user.
Can anyone tell me why an application that works perfectly fine under the user sagecell fails to run under an upstart job running the script AS sagecell?
