Controlling external processes without "shim" programs

So I wanted to launch and control the venerable ping program from inside Elixir code.

I’ve quickly realised the the erlang Ports are really limited in what they can do (can’t send signals, no notification if the remote process exited); they were designed with “custom programs” in mind, and not to just launch any external OS process.

Any libraries I’ve found, like Porcelain or erlexec, rely on “shim” programs to do more advanced control.

Is there really no other low-level way in Erlang to launch & control external OS processes without having to rely on external dependencies? Is that a design decision?

For the specific case of ping, you could use this very convenient library

I thought of that but ICMP traffic in particular is “sensitive” in some OSes, you may need special permissions to send/receive it. The ping executable OTOH is always in the “allowlist”

bah, it’s just the matter of a # setcap cap_net_raw=ep /usr/lib/erlang/erts-9.0/bin/beam.smp (or whatever your install path)

What do you mean by sending signals? Do you want to shell out to kill perhaps?

Also the owner of the port should receive a message with the exit code on a terminating port process, but maybe my memory tricks me here…

Uhhh, what? o.O?

I’ve not experienced that except on Windows (but most of its network stack is borked-to-hell anyway).

Probably selinux, to be honest. I don’t remember the details 100%, just a wasted afternoon when I realised my approach wouldn’t work.

Hah, yeah we use that on the redhat servers, I had to do a lot of enabling for, well, really anything to work at all. ^.^;

Yes, sending signals like SIGINT, SIGTERM, SIGKILL and others. Shelling out to kill does work but if feels a bit like a kludge (and it’s not cross-platform, even though currently I don’t really care).

You can read this for further details : https://github.com/msantos/procket#setuid-vs-sudo-vs-capabilities

Use them all a lot. ^.^