From owner-freebsd-questions@FreeBSD.ORG Fri Apr 14 07:04:30 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 433EA16A403 for ; Fri, 14 Apr 2006 07:04:30 +0000 (UTC) (envelope-from wilfre@mail.ru) Received: from mx3.mail.ru (mx3.mail.ru [194.67.23.149]) by mx1.FreeBSD.org (Postfix) with ESMTP id D529843D46 for ; Fri, 14 Apr 2006 07:04:29 +0000 (GMT) (envelope-from wilfre@mail.ru) Received: from [213.234.3.130] (port=60863 helo=[192.168.111.6]) by mx3.mail.ru with asmtp id 1FUILu-000Jea-00 for freebsd-questions@freebsd.org; Fri, 14 Apr 2006 11:04:23 +0400 Message-ID: <443F4973.6020401@mail.ru> Date: Fri, 14 Apr 2006 11:04:19 +0400 From: "Andrey V. Semyonov" User-Agent: Thunderbird 1.5 (X11/20060309) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <20060413221630.GA50540@malcolm.berkeley.edu> In-Reply-To: <20060413221630.GA50540@malcolm.berkeley.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: /usr/local/etc/rc.d and role accounts X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Apr 2006 07:04:30 -0000 Mike Hunter wrote: > Hi, > > I'm hoping to get into the spirit of the new rc.d script specs (REQUIRES, > PROVIDES, command=, etc) on a new server I'm building. The old script I > was using looked like this: > > I have several questions about how to replicate this behavior. I'm still > deciding whether I'm willing to split out the 10 or so instances into > separate scripts...if I didn't want to do that, is the best way to handle > it to create a script with all 10 command and then have the rc script run > that script? > > How do I replicate the su stuff? I could say command=su and > foo_flags="foo-role -c ..." but that doesn't seem very good. Well, you try to suggest rc scripts patches to implement such a beholder... For example, implement new rc-script variable ${${name}_effective_user} or like that... (sh syntax doesn't allow you to make such an expression) Tried to play with and found that: You may try to add a parameter to rc.conf: for example, if cupsd.sh sets 'name=cupsd', then you should set cupsd_effective_user in rc.conf (so, in sh-syntax it sounds like ${name}_effective_user ) The most terrible thing is than you can't extract a value from a variable, which you name by some dynamic sting (you can't extract a variable by name set in other variable partly or the whole) So, some workaround is to use world's tools (may not work in minimal installation distribution set): if ! /bin/test -z $(set | /usr/bin/grep "${name}${variable_common_suffix}" | /usr/bin/cut -d "=" -f 2); then some_tricks(); fi; Here I've just checked a nonzero length of such a 'dynamically' named variable. If you can - try to implement such a beholder into rc.subr and give us patches. If I have time I'll try to do that myself. > > As a bonus, foo would like to make pid files, but /var/run isn't writable to > foo-role. What's the standard way to handle where to put the pid files? /var/run/${progname}/ - directory for pidfiles of progs (ex. clamav's clamd). Directory is chowned by `prog' effective UID, or GID and set the appropriate permissions to allow that UID/GID make changes in it.