From owner-freebsd-questions@FreeBSD.ORG Wed Feb 6 17:09:56 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2B7F16A418 for ; Wed, 6 Feb 2008 17:09:56 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from mk-outboundfilter-1.mail.uk.tiscali.com (mk-outboundfilter-1.mail.uk.tiscali.com [212.74.114.37]) by mx1.freebsd.org (Postfix) with ESMTP id 66B0313C4E8 for ; Wed, 6 Feb 2008 17:09:56 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) X-Trace: 35214489/mk-outboundfilter-1.mail.uk.tiscali.com/PIPEX/$MX-ACCEPTED/pipex-infrastructure/62.241.162.32 X-SBRS: None X-RemoteIP: 62.241.162.32 X-IP-MAIL-FROM: xfb52@dial.pipex.com X-IP-BHB: Once X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ao8CAD54qUc+8aIg/2dsb2JhbACtYA X-IP-Direction: IN Received: from ranger.systems.pipex.net ([62.241.162.32]) by smtp.pipex.tiscali.co.uk with ESMTP; 06 Feb 2008 17:09:55 +0000 Received: from [192.168.23.2] (62-31-10-181.cable.ubr05.edin.blueyonder.co.uk [62.31.10.181]) by ranger.systems.pipex.net (Postfix) with ESMTP id 82B35E000094; Wed, 6 Feb 2008 17:09:54 +0000 (GMT) Message-ID: <47A9E9DE.2060503@dial.pipex.com> Date: Wed, 06 Feb 2008 17:09:50 +0000 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20061205 X-Accept-Language: en MIME-Version: 1.0 To: Zbigniew Szalbot References: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> <47A9E373.80300@dial.pipex.com> <94136a2c0802060849o1dfb3f6ek67d7d41db5d99102@mail.gmail.com> In-Reply-To: <94136a2c0802060849o1dfb3f6ek67d7d41db5d99102@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2008 17:09:57 -0000 Zbigniew Szalbot wrote: >Thank you. I realized this was the case before I wrote previous >message. The thing is the real file is owned by user api. However, >when the application is started following a reboot, its logs are >created by user root, whereas when I start it by hand as user api, its >logs are owned by user api. So it once caused me a problem because the >existing log file was owned by root and I stopped then started this >particular software by hand as user api. Needless to say, it panicked >about not being able to log what it was doing. > >I wonder that indeed a better solution may be to use cron for >automatic startups, which Lowell rightly pointed out to me. I just >loved the simplicity of symlinking sh scripts against >/usr/local/etc/rc.d/ :) > > I personally much prefer scripts in rc.d because it's much easier to migrate than crontabs, and if I never use a crontab I always know where to look. It looks to me like you shouldn't be starting the demon as user api - startups scripts should always be started as root. If the demon or whatever is supposed to run as api not root, then perhaps your script should say e.g. su api -c the-path-to-the-demon-or-whatever root can su to whoever without a password, and api can su to api without a password, and everyone else gets prompted. --Alex