From owner-freebsd-questions@FreeBSD.ORG Wed Feb 6 16:57:26 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DC2F16A418 for ; Wed, 6 Feb 2008 16:57:26 +0000 (UTC) (envelope-from zszalbot@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by mx1.freebsd.org (Postfix) with ESMTP id 8CFC213C448 for ; Wed, 6 Feb 2008 16:57:25 +0000 (UTC) (envelope-from zszalbot@gmail.com) Received: by nf-out-0910.google.com with SMTP id b2so837924nfb.33 for ; Wed, 06 Feb 2008 08:57:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=iGNmVDAk85ve1x8sY6NHUlNfrVZJuvbWH6J3+3pBRJw=; b=MfIEyWytW3BNjeiGBe/tLJzgFwluhHvGD/d/4yC7p4k4ELrZcIWWqTwfvgHfV2lU0DK76UyPC9HTHbRhiKPmtWFKPpHtrvZaAyP4O4DycoIQUgt3BTL2fTR0+AaV7RWXMHk9NXATfI9bD4JDMNf2Ie/UZRWNZorOPugJMghMErk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=OWDsCRhbI/HW9yVDIvF+f4s3RM4oLBmSl36p+HcHLpwqbCZQlkgTVfOOX1IsKXjhD/jD5EoVtEkkKN7K9aO/cdj0IayHNP205G3T+DyHoi0LcCpECuzGYhRtMt1rgFYlCHllYh0DraawFl6nMoLOcFRAsJ3AXPzBoVaMX6ZVMiQ= Received: by 10.78.167.12 with SMTP id p12mr18120453hue.20.1202317043442; Wed, 06 Feb 2008 08:57:23 -0800 (PST) Received: by 10.78.130.5 with HTTP; Wed, 6 Feb 2008 08:57:23 -0800 (PST) Message-ID: <94136a2c0802060857k25e55a5bw4c7743cc05dae6bd@mail.gmail.com> Date: Wed, 6 Feb 2008 17:57:23 +0100 From: "Zbigniew Szalbot" To: freebsd-questions In-Reply-To: <47A9E568.9040406@dial.pipex.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> <47A9E568.9040406@dial.pipex.com> Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2008 16:57:26 -0000 2008/2/6, Alex Zbyslaw : > Zbigniew Szalbot wrote: > > >I have looked at my /usr/local/etc/rc.d/ and realized that the symlink > >I put there has the root as owner. It all works but I would rather use > >a non-root user for to run that script. > > > >$ ls -l /usr/local/etc/rc.d/ > >lrwxr-xr-x 1 root wheel 40 May 9 2007 sender.sh -> > >/usr/home/api/sender/start.sh > > > There's one more potential mistake you are making here. Who the script > runs as has nothing at all to do with who owns the script unless setuid > or setgid bits are set. They would be set on the script itself and not > the symlink, so we'd need to see > > ls -lL /usr/local/etc/rc.d/sender.sh > > to know what was set or not. $ ls -lL /usr/local/etc/rc.d/sender.sh -rwxr-xr-x 1 api wheel 604 May 8 2007 /usr/local/etc/rc.d/sender.sh I have never really understood the thing about setuids, gid and etc. :) I am not planning a restart so won't try it but I am pretty sure that logs are created by root unless the api is started manually. No big deal really but thanks for all the suggestions! Zbigniew Szalbot