0

I would like to use Ubuntu's start-stop-daemon to start my application, but the application protects some sensitive information, so I have a mechanism where the application prompts for a password that's then used to generate a hashkey, which is used as the secret key for a symmetric encryption (AES) to encrypt and decrypt things from a database.

I'd like to daemonize this application and have it run from start-stop-daemon, so that sudo service appname stop and sudo service appname start would work, but I'm not sure how to go about doing this with the added complexity of a password prompt.

Is there something that supports this or do I have to program it from scratch? I figured I should ask first before re-inventing the wheel.

Thanks in advance.

1 Answer

1

The point of daemons is to run without interaction. If you run as a true daemon, there will be at some point a system reboot with you not being around. You can't really prompt at that point.

So, you either don't make it a daemon, needing an interactive startup, or you have a file someplace that has the key, and that file is protected by root read-only perms. Or a major rearchitecture, which may make the most sense.

1
  • It should fail if not prompted. So, it doesn't necessarily have to conform to the definition of a 'true daemon.' Can you elaborate a bit more on what you mean by a major re-architecture? I haven't coded anything, but according to a compliance specification that I'm reading, prompting for a master key is considered an acceptable security measure for generating the symmetric key to decrypt/encrypt. Commented Jan 12, 2011 at 0:56
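The key-file option from the answer, as an added example that is not part of the original thread: the service reads its passphrase from a file, refuses to start unless that file is a regular file owned by root with no group or other permission bits, and then derives the AES key from it. The path, the salt, the PBKDF2 parameters and all function names are assumptions made for this example.

```python
import hashlib
import os
import stat

KEY_FILE = "/etc/appname/master.key"   # hypothetical path, not from the post
PBKDF2_ITERATIONS = 600_000            # assumed work factor


class KeyFileError(Exception):
    """Raised when the key file is missing or not locked down."""


def read_protected_secret(path, required_uid=0):
    """Return the file's contents only if it is a regular file owned by
    required_uid with no group/other permission bits set."""
    try:
        # O_NOFOLLOW: refuse a symlink planted at the expected path.
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    except OSError as exc:
        raise KeyFileError(f"cannot open {path}: {exc.strerror}") from exc
    with os.fdopen(fd, "rb") as fh:
        st = os.fstat(fh.fileno())   # stat the open descriptor, not the path
        if not stat.S_ISREG(st.st_mode):
            raise KeyFileError(f"{path} is not a regular file")
        if st.st_uid != required_uid:
            raise KeyFileError(f"{path} is owned by uid {st.st_uid}")
        if st.st_mode & 0o077:
            raise KeyFileError(f"{path} is accessible to group or others")
        secret = fh.read().rstrip(b"\r\n")
    if not secret:
        raise KeyFileError(f"{path} is empty")
    return secret


def derive_aes_key(secret, salt):
    """Derive a 32-byte AES-256 key from the stored passphrase."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, PBKDF2_ITERATIONS, dklen=32)


if __name__ == "__main__":
    try:
        key = derive_aes_key(read_protected_secret(KEY_FILE), salt=b"constructed-salt")
    except KeyFileError as err:
        raise SystemExit(f"refusing to start: {err}")  # fail closed
    print("key loaded, starting service")
```

Because the check fails closed, an init script built on start-stop-daemon sees a non-zero exit status whenever the key file is absent or its permissions have been loosened.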
