Home/ Questions/Q 8215545
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T11:49:36+00:00

I am using following shell script to launch a java daemon process (the command

  • 0

I am using following shell script to launch a java daemon process (the command is launched via root user):

 #!/bin/sh
 sudo -u postfix CONFIG_LOCATION=/mnt/custom java -Dcom.sun.management.jmxremote.port=10020 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.util.logging.config.file=${PresentWorkingDirectory}/logging.properties -cp "${ExecutableJar}:${PresentWorkingDirectory}${ClassPath}" com.x.y.filter <&- 1>/dev/null 2>&1 &

this is resulting in launching of the two running processes and I am seeing following records in the ‘ps -f -All’ output:

4 S root     24250     1  0  82   0 - 26247 -      20:33 pts/1    00:00:00 sudo -u postfix CONFIG_LOCATION=/mnt/custom java -Dcom.sun.management.jmxremote.port=10020 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.util.logging.config.file=${PresentWorkingDirectory}/logging.properties -cp "${ExecutableJar}:${PresentWorkingDirectory}${ClassPath}" com.x.y.filter <&- 1>/dev/null 2>&1 &
4 S postfix  24252 24250 47  82   0 - 364460 184466 20:33 pts/1   00:00:31 java -Dcom.sun.management.jmxremote.port=10020 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.util.logging.config.file=${PresentWorkingDirectory}/logging.properties -cp "${ExecutableJar}:${PresentWorkingDirectory}${ClassPath}" com.x.y.filter <&- 1>/dev/null 2>&1 &

I am unable to understand why two processes are launched?

while I intend to run only one process and my shell script too is launching only one process.

Can somebody please explain the above observation?

What needs to be done to correct this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This is expected behaviour. You are calling sudo, which is a process. This process will change it’s user to postfix, then call java – another process.

    If sudo used exec (so that there was only one process used for that command), then java would be able to run things it shouldn’t (because the java binary would replace the sudo one in memory, and so have all the privileges the sudo one has), which would probably be a bad idea.

    Note that the sudo binary won’t be doing anything: it’ll just be waiting for java to terminate before doing it’s own cleanups.

    One of the key things to understand is that sudo is not a magic system utility, it’s just a normal application that as a setuid bit. This means, the sudo binary is allowed to change it’s runtime user-uid. Once you see this, you begin to understand how sudo works and why you get two processes.

    • 0