User-controlled supervised dirs howto

1) Install daemontools.

2) Add a svuserl user+group for logging.

  adduser --system --home /nonexistant --shell /bin/false --no-create-home --disabled-password --disabled-login --gecos svuserl svuserl

3) Set up the parent svscan to be supervised for this user. (I put all my svscan dirs in /etc/sv instead of /etc for sanity)

  mkdir -p /etc/sv/svuser-jdoe/env
  echo 52428800 > /etc/sv/svuser-jdoe/env/MEMORYLIMIT
  echo jdoe > /etc/sv/svuser-jdoe/env/USER
  # Heredoc bodies and _EOF_ terminators start in column 0; the quoted
  # '_EOF_' keeps $MEMORYLIMIT and $USER unexpanded until envdir sets them.
  cat > /etc/sv/svuser-jdoe/run << '_EOF_'
#!/bin/sh
exec 2>&1
exec envdir ./env sh -c '
  exec /usr/bin/softlimit -m $MEMORYLIMIT \
  setuidgid $USER svscan /var/local/$USER/service
'
_EOF_
  chmod 0755 /etc/sv/svuser-jdoe/run
  mkdir -p /etc/sv/svuser-jdoe/log/main
  chown svuserl /etc/sv/svuser-jdoe/log/main
  cat > /etc/sv/svuser-jdoe/log/run << '_EOF_'
#!/bin/sh
exec setuidgid svuserl multilog t ./main
_EOF_
  chmod 0755 /etc/sv/svuser-jdoe/log/run

NOTE: If you do not set up logging for this service, your users' errors will go to whatever you have logging the svscan of /service.

4) Set up the user's service directory.

  mkdir -p /var/local/jdoe/sv
  mkdir -p /var/local/jdoe/service
  chmod 02775 /var/local/jdoe/*
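  # The group name is missing from the original; GROUP is a placeholder for the group that should get write access.
  chgrp GROUP /var/local/jdoe/*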

5) Make that user's svscan active.

  ln -s /etc/sv/svuser-jdoe /service

Now the user can create his own supervise dirs in /var/local/jdoe/sv and link them into /var/local/jdoe/service, the directory this user's svscan watches, to make them active. The user then has complete control of them via svc.
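
An audit of the layout from steps 3 to 5, as an added example that is not part of the original howto: it checks that nothing under /etc/sv/svuser-USER is writable by group or other (that code runs as root until setuidgid), that both run files are executable with #! at byte 0, that env/USER names the intended account, and that the user's directories are setgid. The ROOT prefix argument and the make_sample helper are assumptions of this example so it can be tried on a scratch tree.

```sh
#!/bin/sh
# Added example. ROOT is a path prefix ("" for the live system), an assumption
# of this example so the audit can also be tried on a scratch tree.

flag() { echo "FAIL $1: $2"; rc=1; }   # record one finding
# loose PATH: true if PATH is writable by group or other
loose() { [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]; }

# audit_svuser ROOT USER: prints findings, returns 0 only if there are none
audit_svuser() {
    root=$1 user=$2 rc=0
    sv="$root/etc/sv/svuser-$user"
    # Everything here is run or read as root before setuidgid drops
    # privileges, so only the owner may be able to modify it.
    for p in "$sv" "$sv/run" "$sv/env" "$sv/env/USER" "$sv/log" "$sv/log/run"; do
        if [ ! -e "$p" ]; then flag "$p" "missing"
        elif loose "$p"; then flag "$p" "writable by group or other"; fi
    done
    for f in "$sv/run" "$sv/log/run"; do
        if [ ! -x "$f" ]; then flag "$f" "not executable"; fi
        # supervise exec()s ./run directly, so "#!" must be its first two bytes
        if [ "$(head -c 2 "$f" 2>/dev/null)" != '#!' ]; then flag "$f" "no #! at byte 0"; fi
    done
    # envdir exports the first line of env/USER: the account svscan will run as
    if [ "$(head -n 1 "$sv/env/USER" 2>/dev/null)" != "$user" ]; then
        flag "$sv/env/USER" "does not name $user"
    fi
    # Step 4: the user's own directories, setgid as set by chmod 02775
    for d in "$root/var/local/$user/sv" "$root/var/local/$user/service"; do
        if [ ! -d "$d" ] || [ ! -g "$d" ]; then flag "$d" "missing or not setgid"; fi
    done
    return $rc
}

# make_sample ROOT USER: build a constructed, correctly set up scratch tree
make_sample() {
    s="$1/etc/sv/svuser-$2"
    mkdir -p "$s/env" "$s/log/main" "$1/var/local/$2/sv" "$1/var/local/$2/service"
    printf '#!/bin/sh\nexec 2>&1\n' > "$s/run"
    printf '#!/bin/sh\nexec setuidgid svuserl multilog t ./main\n' > "$s/log/run"
    echo "$2" > "$s/env/USER"
    chmod 0755 "$s" "$s/env" "$s/log" "$s/run" "$s/log/run"
    chmod 0644 "$s/env/USER"
    chmod 02775 "$1/var/local/$2/sv" "$1/var/local/$2/service"
}
```

On the live system, call it as audit_svuser "" jdoe after step 5.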