From owner-freebsd-questions@FreeBSD.ORG Wed Feb 6 16:42:34 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EE1E616A418 for ; Wed, 6 Feb 2008 16:42:34 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from mk-outboundfilter-1.mail.uk.tiscali.com (mk-outboundfilter-1.mail.uk.tiscali.com [212.74.114.37]) by mx1.freebsd.org (Postfix) with ESMTP id 7457113C442 for ; Wed, 6 Feb 2008 16:42:34 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) X-Trace: 35190902/mk-outboundfilter-1.mail.uk.tiscali.com/PIPEX/$MX-ACCEPTED/pipex-infrastructure/62.241.162.31 X-SBRS: None X-RemoteIP: 62.241.162.31 X-IP-MAIL-FROM: xfb52@dial.pipex.com X-IP-BHB: Once X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ao8CAGNyqUc+8aIf/2dsb2JhbACtYA X-IP-Direction: IN Received: from galaxy.systems.pipex.net ([62.241.162.31]) by smtp.pipex.tiscali.co.uk with ESMTP; 06 Feb 2008 16:42:32 +0000 Received: from [192.168.23.2] (62-31-10-181.cable.ubr05.edin.blueyonder.co.uk [62.31.10.181]) by galaxy.systems.pipex.net (Postfix) with ESMTP id 28718E00008A; Wed, 6 Feb 2008 16:42:32 +0000 (GMT) Message-ID: <47A9E373.80300@dial.pipex.com> Date: Wed, 06 Feb 2008 16:42:27 +0000 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20061205 X-Accept-Language: en MIME-Version: 1.0 To: Zbigniew Szalbot References: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> In-Reply-To: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2008 16:42:35 -0000 Zbigniew Szalbot wrote: >Hello, > >I have looked at my /usr/local/etc/rc.d/ and realized that the symlink >I put there has the root as owner. It all works but I would rather use >a non-root user for to run that script. > >$ ls -l /usr/local/etc/rc.d/ >lrwxr-xr-x 1 root wheel 40 May 9 2007 sender.sh -> >/usr/home/api/sender/start.sh > >So I tried: >$ sudo chown api /usr/local/etc/rc.d/sender.sh > >No error but no change either. The original start.sh file has user api >but the symlink is owned by root. > >How can I make sure that the file is indeed run as user api? > > AFAIK, the owner of a symlink is completely irrelevant. All accesses to the file are checked against the permissions of the file pointed to, not the symlink. (Same if the target of a symlink is a directory). Once upon a time I'm sure all symlinks were owned by root, but could be misremembering. When you ran your chown, it did nothing at all From man chown Symbolic links named by arguments are silently left unchanged unless -h is used. If you really care; say you want a find -user api to find that symlink then chown -h api /usr/local/etc/rc.d/sender.sh should do what you want. --Alex