Different approach for running airtime services as unprivileged user

installer/lib/Upstart.conf

@@ -1,71 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE busconfig PUBLIC
-  "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
-  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-
-<busconfig>
-  <!-- Only the root user can own the Upstart name -->
-  <policy user="root">
-    <allow own="com.ubuntu.Upstart" />
-  </policy>
-
-  <!-- Permit the root user to invoke all of the methods on Upstart, its jobs
-       or their instances, and to get and set properties. -->
-  <policy user="root">
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="org.freedesktop.DBus.Properties" />
-
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Job" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Instance" />
-  </policy>
-
-  <!-- Allow any user to introspect Upstart's interfaces, to obtain the
-       values of properties (but not set them) and to invoke selected
-       methods on Upstart and its jobs that are used to walk information. -->
-  <policy context="default">
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="org.freedesktop.DBus.Introspectable" />
-
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="org.freedesktop.DBus.Properties"
-       send_type="method_call" send_member="Get" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="org.freedesktop.DBus.Properties"
-       send_type="method_call" send_member="GetAll" />
-
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6"
-       send_type="method_call" send_member="GetJobByName" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6"
-       send_type="method_call" send_member="GetAllJobs" />
-
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Job"
-       send_type="method_call" send_member="GetInstance" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Job"
-       send_type="method_call" send_member="GetInstanceByName" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Job"
-       send_type="method_call" send_member="GetAllInstances" />
-  </policy>
-  
-  <!-- Permit the web user to invoke all of the methods on Upstart, its jobs
-       or their instances, and to get and set properties. -->
-  <policy user="WEB_USER">
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="org.freedesktop.DBus.Properties" />
-
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Job" />
-    <allow send_destination="com.ubuntu.Upstart"
-       send_interface="com.ubuntu.Upstart0_6.Instance" />
-  </policy>
-</busconfig>

installer/lib/airtime-session-init.conf

@@ -0,0 +1,13 @@
+instance WEB_USER
+
+stop on runlevel [016]
+
+script
+  uid=WEB_USER
+  HOME=WEB_ROOT
+
+  export XDG_RUNTIME_DIR="/run/airtime"
+  export HOME
+
+  exec su -s /bin/sh -c 'exec "$0" "$@"' $USER -- init --user --confdir /etc/init/airtime
+end script