Date: Wed, 14 Mar 2012 08:12:55 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: freebsd-questions@freebsd.org Subject: Re: start at boot, run as non-root Message-ID: <4F605307.8070907@infracaninophile.co.uk> In-Reply-To: <CAEFCw4s9rqaFgQ00APXuE0mpNtoDUQVOBT1wZzWbEi31NDXMtA@mail.gmail.com> References: <CAEFCw4s9rqaFgQ00APXuE0mpNtoDUQVOBT1wZzWbEi31NDXMtA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On 14/03/2012 07:30, n dhert wrote:
> I have FreeBSD8.2.
> Sedna, an XML database server, had no port in th FreeBSD ports collection
> but has a binary compiled for FreeBSD8 on www.sedna.org.
> I installed that.
> To start it at boot I created a script /usr/local/etc/rc.d/sedna :
> -----------------------------------------------
> #!/bin/sh
> #
> # PROVIDE: sedna
> # REQUIRE: DAEMON
> # KEYWORD: shutdown
> #
> . /etc/rc.subr
>
> name="sedna"
> rcvar=${name}_enable
> command=/home/opt/sedna/bin/se_gov
>
> load_rc_config $name
>
> : ${sedna_enable="NO"}
>
> run_rc_command "$1"
> --------------------------------------------
> and added sedna_enable="YES" at the end of my /etc/rc.conf
>
> This way it starts at boot:
> $ ps -jaxww | grep se_
> root 7064 1 7064 7064 0 Is ?? 0:00.00
> /home/opt/sedna/bin/se_gov -background-mode off -listen-address localhost
> -port-number 5050 -ping-port-number 5151 -el-level 3 -alive-timeout 0
> -stack-depth 4000
> The deamon runs as root. I want it run by a non-root user, e.g. a user
> 'sedna''
>
> How can I do that?
>
> The sedna server binary se_gov has no option in its man-page to start the
> program run as a different user ..
Add a variable:
${name}_user=sedna
to the init script. The rc(8) system will use su(1) to start up the
sedna process using your selected username. There's also ${name}_group
but that works a bit differently.
I'm intrigued that this software should be supported on FreeBSD
upstream, but not appear in ports. Are there some onerous license terms
or other obstacles[*]? If not, would you consider submitting your work
as a port?
Cheers,
Matthew
[*] Seems it uses Apache licensing according to http://www.sedna.org/,
which is exceedingly FreeBSD compatible, so I don't think licensing
would be an obstacle.
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew@infracaninophile.co.uk Kent, CT11 9PW
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk9gUw0ACgkQ8Mjk52CukIzakwCfYCVFBHptT1P7olclsRdtanM6
2d8AoIynZeltdp3BzXh0dF8Yr5ofWMpp
=DeK2
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F605307.8070907>