Date: Sun, 13 Oct 2024 07:41:45 +0300 From: Matthias Fechner <idefix@fechner.net> To: ports@freebsd.org Subject: Re: Cannot start service, initgroups(gotify,365): Operation not permitted Message-ID: <56e1162c-1fe7-475b-a98d-82d28ab28514@fechner.net> In-Reply-To: <503778064.11874.1728722236313@localhost> References: <5f24c902-919c-453d-8a59-d674138fd11c@fechner.net> <503778064.11874.1728722236313@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 12.10.2024 um 11:37 schrieb Ronald Klop:
> sh -x /usr/local/etc/rc.d/gotify_server start
>
> Are your sure you ran 'service gotify_server start' as root?
> The man pages say that iinitgroups can only return EPERM via a call to
> setgroups when not run as root.
thanks for the tip with sh -x, that made the problem visible.
I changed now this line:
command_args="-f -P ${pidfile} %%PREFIX%%/bin/gotify-server
${gotify_server_args}"
This causes the execution of:
+ eval $' limits -C daemon su -m gotify -c \'sh -c " /usr/sbin/daemon
-f -P /var/run/gotify_server.pid /usr/local/bin/gotify-server "\''
+ limits -C daemon su -m gotify -c 'sh -c " /usr/sbin/daemon -f -P
/var/run/gotify_server.pid /usr/local/bin/gotify-server "'
which is exactly what I want.
The binary is now executed. There is no need to give a -u flag to daemon.
Gruß
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56e1162c-1fe7-475b-a98d-82d28ab28514>