From owner-freebsd-ports Thu Jan 4 2: 2:16 2001 From owner-freebsd-ports@FreeBSD.ORG Thu Jan 4 02:02:13 2001 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from picalon.gun.de (picalon.gun.de [192.109.159.1]) by hub.freebsd.org (Postfix) with ESMTP id 9D09437B400; Thu, 4 Jan 2001 02:02:12 -0800 (PST) Received: (from uucp@localhost) by picalon.gun.de (8.9.3/8.9.3) id LAA24763; Thu, 4 Jan 2001 11:00:52 +0100 (MET) >Received: (from andreas@localhost) by klemm.gtn.com (8.11.1/8.11.1) id f049qZi09399; Thu, 4 Jan 2001 10:52:35 +0100 (CET) (envelope-from andreas) Date: Thu, 4 Jan 2001 10:52:35 +0100 From: Andreas Klemm To: Anton Voronin Cc: Will Andrews , ports@FreeBSD.org Subject: need tas scripts necessarily run under root privileges, could that be changed ? (Re: cvs commit: ports/net Makefile ports/net/tas Makefile distinfo pkg-comment pkg-descr pkg-plist) Message-ID: <20010104105235.A3815@titan.klemm.gtn.com> References: <200012260546.eBQ5kt337097@freefall.freebsd.org> Mime-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200012260546.eBQ5kt337097@freefall.freebsd.org>; from will@FreeBSD.org on Mon, Dec 25, 2000 at 09:46:55PM -0800 X-Operating-System: FreeBSD 4.2-STABLE SMP X-Disclaimer: A free society is one where it is safe to be unpopular Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi ! Package looks cool. Want to install it on my FreeBSD server to monitor traffic over my cisco 2516 to my ISP... Currently I already have a cisco user to monitor traffic using rsh. I alwas try to use a pseudo user to run complex scripts than having to run foreign/complex scripts under root privileges. Current tas design needs to run at least 2 scripts with root privileges -rwxr--r-- 1 root wheel 16887 Jan 4 10:02 AcctLog -rwx------ 1 root wheel 853 Jan 4 10:02 AcctSquid Is this really necessary ? Do you use perl functions, that require it ? I would be glad if the current design could be changed, so that your fine package can be run under whatever user privilege. An additional bnonus for easy handling with any ports system would be, if you could provide a setup script, that is executed only once by root, to create a directory, where such a pseudo user (tas ???) has the permission to write the statistics to, i.e.: /var/account/tas The addition and deletion of this pseudo user can easily be handled by the FreeBSD ports collection, we already have other ports, that can do that even when the port comes in "package" format (compiled/ packaged). I think this would be a clean design, do that sysadmin can be pretty sure, that nothing bad happens to their production system. I hope you took my recommendation right Andreas /// -- Andreas Klemm Powered by FreeBSD SMP Songs from our band >>64Bits<<............http://www.apsfilter.org/64bits.html My homepage................................ http://people.FreeBSD.ORG/~andreas Please note: Apsfilter got a NEW HOME................http://www.apsfilter.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message