Run Vault in Background at Boot/Login, on Linux

Development
1

This is the first of two technical notes that give the steps to have your SAFE vaults stay out of sight while you’re using your computer, and to start automatically when you either login (the simpler approach) or when the computer boots (i.e., as a system service, without anyone logged in, but a bit more complex of an approach). That latter approach is most desirable for unattended vaults running on cloud servers, as you can appreciate if you have ever had to leave your SSH terminal running because it was running a vault on a remote computer.

This first technical note describes the simpler method, that of having one or more vaults run in the background when you login.

It is tested on Debian 8.4 stable (Jessie) and I know of no reason why it can’t be run as is, or with modest adjustment, on other distros.

Use a text editor to open a new file, ~/bin/safe_vault. If you don’t have a “bin” folder in your home folder then create it. The default Debian profile automatically puts such a folder, if it exists, on your PATH environment variable.

Paste this text into the file and save:

#! /bin/sh
# ~/bin/safe_vault

case "$1" in
  start)
    echo "Starting script safe_vault"
    export RETURNDIR=${PWD}
    cd ~/safe_vault1/
    ./safe_vault >/dev/null 2>&1 &
# Uncomment the following lines to run additional vaults
#    cd ~/safe_vault2/
#    ./safe_vault >/dev/null 2>&1 &
#    cd ~/safe_vault3/
#    ./safe_vault >/dev/null 2>&1 &
#    cd ~/safe_vault4/
#    ./safe_vault >/dev/null 2>&1 &
    cd $RETURNDIR
    ;;
  stop)
    echo "Stopping script safe_vault"
    killall safe_vault
    ;;
  *)
    echo "Usage: safe_vault {start|stop}"
    exit 1
    ;;
esac

exit 0

Now make it executable:

    $ chmod +x ~/bin/safe_vault

Then test it:

    $ safe_vault start

Then confirm that a safe_vault process is currently running:

    $ ps aux | grep safe_vault

Now stop the vault:

    $ sudo safe_vault stop

To confirm that the vault is no longer running:

    $ ps aux | grep safe_vault

If you have a graphical desktop, then create a symbolic link to the log for easy access:

    $ ln -s ~/bin/safe_vault1/Node.log ~/Desktop/Safe-Vault-1.log

If you want to run multiple vaults, create extra folders containing the safe_vault files and uncomment the appropriate lines in the script.

If you have multiple safe_vaults running, the script will start and stop them all.

Finally, add this line to your ~/.profile file:

    $ safe_vault start

Now log out and log back in to run the vault(s).

NEXT: How to have vaults run as a system service.

13 Likes
2

If you check the installer directory of safe_vault you will find all of these files plus an fpm script to create installers (linux/osx and advanced installer scripts for windows). It’s pipelined for use very soon, we have set up auto deployment scripts for the coming weeks. Just confirming a secure mechanism for auto signing of the packages at the moment.

9 Likes
3

After the tangle I got in trying to use the Windows installer, I felt that a homebrew approach was easier on my nerves. :slight_smile:

1 Like
4

This is Part 2: Installing one or more vaults as a system service, to run in the background with no-one logged in. Again, it is tested on Debian 8.4.

For this exercise I sussed how Firefox is installed on my system, and adapted its file layout for my purpose (which explains the use of the /opt folder). It is also noteworthy that the following method works perfectly well even though it follows the traditional way of creating a system service rather than the “systemd” approach that is now part of Debian.

Unzip the safe_vault distributable and copy the files to a new folder: /opt/safe_vault1/

Use a text editor to open a new file, /etc/init.d/safe_vault

For example:

    $ sudo nano /etc/init.d/safe_vault

Paste this text into the file and save:

#! /bin/sh
# /etc/init.d/safe_vault

### BEGIN INIT INFO
# Provides:          safe_vault
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start safe_vault at boot time
# Description:       Enable service provided by safe_vault.
### END INIT INFO

# Some things that run always
touch /var/lock/safe_vault

case "$1" in
  start)
    echo "Starting script safe_vault"
    export RETURNDIR=${PWD} 
    cd /opt/safe_vault1/
    ./safe_vault >/dev/null 2>&1 &
# Uncomment the following lines to run additional vaults
#    cd /opt/safe_vault2/
#    ./safe_vault >/dev/null 2>&1 &
#    cd /opt/safe_vault3/
#    ./safe_vault >/dev/null 2>&1 &
#    cd /opt/safe_vault4/
#    ./safe_vault >/dev/null 2>&1 &
    cd $RETURNDIR
    ;;
  stop)
    echo "Stopping script safe_vault"
    killall safe_vault
    ;;
  *)
    echo "Usage: safe_vault {start|stop}"
    exit 1
    ;;
esac

exit 0

Comment: That big chunk of comment between “BEGIN INIT INFO” and “END INIT INFO”, the “LSB tags”, is not necessary for it to work, but it avoids an annoying warning that “there are no LSB tags,” so I included it.

Make it executable:

    $ sudo chmod +x /etc/init.d/safe_vault

With the following command, create symbolic links in the folders /etc/rc0.d … /etc/rc6.d, which will run at boot.

    $ sudo update-rc.d safe_vault defaults

Then create a symbolic link in a folder on your PATH, in order to allow you to run the script manually without needing to type its full path:

    $ sudo ln -s /etc/init.d/safe_vault /usr/bin/safe_vault

Now, if you give the command:

    $ which safe_vault

… you will get the result:

    $ /usr/bin/safe_vault

… which tells you that the symbolic link you just created points to the executable of that name that would run if you were to give the command (even if there happen to be other executables with the same name further along the PATH).

Test it with:

    $ sudo safe_vault start

Have a look in the log to see that it is doing the expected things.

… and then give the command to stop the vault:

    $ sudo safe_vault stop

Give this command:

    $ sudo ps aux | grep safe_vault

… to confirm that no safe_vault processes are running.

Finally, create a symbolic link, on your desktop, to the safe_vault log, for ease of inspecting the log:

    $ ln -s /opt/safe_vault1/Node.log ~/Desktop/Node.log

To have multiple vaults run at system boot:

  1. Create additional folders in /opt, containing copies of the safe_vault files (e.g., /opt/safe_vault2, /opt/safe_vault3,…).

  2. Uncomment the indicated lines in the script.

If you have multiple safe_vaults running, running the script manually will stop or restart them all.

EDIT: Corrected the command “ps aux | grep safe_vault” to be “sudo ps aux | grep safe_vault” because you need superuser privileges to view all the processes, including the instances of safe_vault started by root when the system booted…

2 Likes
5

By the way, there’s an anomaly with this setup, of running the vault as a system service, running it on Test 3: When I replaced the binary with the current version and rebooted, there was no Node.log file in the folder, although a safe_vault process was running. Weird. So, to get the plot running I have been using a manually started instance of safe_vault.

EDIT: It turns out the only anomaly was in my thinking, in my haste to get going after the announcement of the latest test:

The setup has the binaries in /opt/safe_vault1, /opt/safe_vault2, etc, and I was looking in ~/safe_vault1, a test folder I was using while testing the plotter, and that I hadn’t deleted. Duh.

The plot is back on track now, starting with a wiped Node.log and safe_vault running in the background as a service.