From owner-cvs-all  Sun Apr 12 07:21:59 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA11344
          for cvs-all-outgoing; Sun, 12 Apr 1998 07:21:59 -0700 (PDT)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from lsd.relcom.eu.net (ache@lsd.relcom.eu.net [193.125.27.73])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA11335
          for <committers@FreeBSD.ORG>; Sun, 12 Apr 1998 07:21:56 -0700 (PDT)
          (envelope-from ache@lsd.relcom.eu.net)
Received: (from ache@localhost)
	by lsd.relcom.eu.net (8.8.8/8.8.8) id SAA13313;
	Sun, 12 Apr 1998 18:21:55 +0400 (MSD)
	(envelope-from ache)
Message-ID: <19980412182154.41014@nagual.pp.ru>
Date: Sun, 12 Apr 1998 18:21:54 +0400
From: =?koi8-r?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>, committers@FreeBSD.ORG
Subject: Re: Craig Leres: problems with cron and FreeBSD login classes
Mail-Followup-To: "Jordan K. Hubbard" <jkh@time.cdrom.com>,
	committers@FreeBSD.ORG
References: <28136.892372689@time.cdrom.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.89.1i
In-Reply-To: <28136.892372689@time.cdrom.com>; from jkh@time.cdrom.com on Sun, Apr 12, 1998 at 02:18:09AM -0700
Organization: Biomechanoid
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

On Sun, Apr 12, 1998 at 02:18:09AM -0700, Jordan K. Hubbard wrote:
> The user is news and the login class is news. Anyway, this seems silly
> to me; you've already got the login class in the password file, why not
> use it instead of replicating this info in the crontab file?
> 
> Appended is the minimal patch I made to cron/do_command.c. The idea is
> to use the login class from the password file; if there isn't one in
> the password file, use RESOURCE_RC (daemon). Does this change look
> reasonable? Should the default just be the "default" login class?
> Should it be possible to override the login class in the crontab? Let
> me know what sounds reasonable and I'll submit a more complete patch.

The same words are true for inetd too. This patch takes us just back to
previous broken variant. See CVS notes why this variant is implemented
over old one you suggest. In few words login classes have restrictions
which prevents cron/inetd to do some work under particular user. Live
example is "nobody"  user abused by Apache. If you _want_ restrictions,
use "user/class"  semantics. 

-- 
Andrey A. Chernov
http://www.nagual.pp.ru/~ache/
MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message