From owner-freebsd-java@FreeBSD.ORG Thu Jul 14 09:27:37 2005 Return-Path: X-Original-To: freebsd-java@freebsd.org Delivered-To: freebsd-java@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8A0A316A41F for ; Thu, 14 Jul 2005 09:27:37 +0000 (GMT) (envelope-from iang@systemics.com) Received: from postix.sonance.net (mx2.sonance.net [62.116.45.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id D7AB043D48 for ; Thu, 14 Jul 2005 09:27:36 +0000 (GMT) (envelope-from iang@systemics.com) Received: from localhost (localhost [127.0.0.1]) by postix.sonance.net (Postfix) with ESMTP id 4340B1A34F7; Thu, 14 Jul 2005 11:26:49 +0200 (CEST) Received: from postix.sonance.net ([127.0.0.1]) by localhost (zentrix [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 02189-10; Thu, 14 Jul 2005 11:26:48 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by postix.sonance.net (Postfix) with ESMTP id 92BFE1A34E5; Thu, 14 Jul 2005 11:26:48 +0200 (CEST) From: Ian Grigg To: freebsd-java@freebsd.org Date: Thu, 14 Jul 2005 10:25:48 +0100 User-Agent: KMail/1.8.1 References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-7" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200507141025.51464.iang@systemics.com> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at sonance.net Cc: Bryan Maynard Subject: Re: Tomcat locked down X-BeenThere: freebsd-java@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting Java to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jul 2005 09:27:37 -0000 On Thursday 14 July 2005 07:17, Achilleus Mantzios wrote: > O Bryan Maynard =DD=E3=F1=E1=F8=E5 =F3=F4=E9=F2 Jul 13, 2005 : >=20 > > I know this is a simple thing. . . ;-) > /etc/rc.d, /usr/local/etc/rc.d/ tasks are not to be stopped and started > by anyone. Only root can do this. I usually install the below script in /usr/local/etc/rc.d as name z_users.sh to give user apps a shot under their own Id. (Although this answers the problem of how to run non-root apps on startup, not how to run root apps as a user.) iang 8<----------------------------- #!/usr/local/bin/bash users=3Diang z_users_file=3D/usr/local/etc/z_users if [ -r "${z_users_file}" ] then users=3D$(cat ${z_users_file}) fi set -x echo User Startup: for user in $users _ do [ "$user" =3D _ ] && break eval dir=3D~${user} rcdir=3D${dir}/rc.d if [ -d "${rcdir}" ] then cd ${dir} echo -n ${name} for script in ${rcdir}/*.sh do # watch out - there are two different su(1). [ -x ${script} ] && /usr/bin/su ${user} -c "${script} start" \ 2>&1 0