Skip to content

1.3 Architecture

Jump to bottom
C. Dylan Shearer edited this page Mar 17, 2018 · 1 revision

Components

  • jobber:
    • client program
    • runs with caller's privileges
  • jobberrunner:
    • per-user daemon that runs jobs
    • runs as a certain user
  • jobbermaster:
    • daemon that "owns" the jobberrunner processes
    • runs as root

Communication

When jobberrunner runs for user U, it creates a Unix socket file at /var/jobber/{uid}/sock, owned by U, with perms 0600. When the jobber program needs info from jobberrunner, it must use this socket to talk to it.

For commands that take the "-a" option (which applies them to all users), the jobber program tries to send the appropriate message to every jobberrunner process, succeeding or not depending on the calling user and the permissions of the various sockets.

Launching jobberrunner and loading jobfiles

Users are discovered via /etc/passwd. For a user to get a jobberrunner process, the following must be true:

  • It has a (reasonable) home-directory path.
  • Its home directory exists.
  • It owns its home directory.

For a jobfile to be loaded for a user, the following must be true:

  • The jobfile is owned by the user.
  • Only the owner can write to the jobfile.
Clone this wiki locally