From owner-freebsd-rc@freebsd.org Mon Jul 13 15:41:51 2020 Return-Path: Delivered-To: freebsd-rc@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 184FF3677C3 for ; Mon, 13 Jul 2020 15:41:51 +0000 (UTC) (envelope-from joachim.desroches@epfl.ch) Received: from smtp0.epfl.ch (smtp0.epfl.ch [IPv6:2001:620:618:1e0:1:80b2:e058:1]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4B57DY6JQvz46PJ for ; Mon, 13 Jul 2020 15:41:49 +0000 (UTC) (envelope-from joachim.desroches@epfl.ch) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=epfl.ch; s=epfl; t=1594654906; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type; bh=TzyMeJ9kb6z1nZaMUyzg6Iv+g0/Vji195fc+TBT67Wg=; b=P2tKJWoS8ocFZfiic1dMkNQz5zVEgve0TRF7IElbiA1jsnLbkcgF/Z2HxrqfXCJ5k vg9Dqb9WuheS2gIOB7V41WlfxSN8v6q2d06fw+2kuLNditxjbacRqcstK7umqkZqJ gPw+iSp5104AWvmt+tHzSOL/0IZXsHxx5qfRuA4AQ= Received: (qmail 21879 invoked by uid 107); 13 Jul 2020 15:41:45 -0000 Received: from adsl-84-226-38-10.adslplus.ch (HELO localhost) (84.226.38.10) (TLS, ECDHE-RSA-AES256-GCM-SHA384 (X25519 curve) cipher) (authenticated) by mail.epfl.ch (AngelmatoPhylax SMTP proxy) with ESMTPSA; Mon, 13 Jul 2020 17:41:45 +0200 X-EPFL-Auth: KVXJl9UDUot+gByHqmz5cJLhBR23gpnwhYeO1zbFPlrIbqTC3Os= Date: Mon, 13 Jul 2020 17:41:45 +0200 From: Joachim Desroches To: freebsd-rc@freebsd.org Subject: directory, user and limits question Message-ID: <20200713154145.n7d3jzd6rfxw5uvu@stormbringer.localdomain> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="wlq4fynebpr6apl3" Content-Disposition: inline X-Rspamd-Queue-Id: 4B57DY6JQvz46PJ X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=epfl.ch header.s=epfl header.b=P2tKJWoS; dmarc=pass (policy=none) header.from=epfl.ch; spf=pass (mx1.freebsd.org: domain of joachim.desroches@epfl.ch designates 2001:620:618:1e0:1:80b2:e058:1 as permitted sender) smtp.mailfrom=joachim.desroches@epfl.ch X-Spamd-Result: default: False [-6.32 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[epfl.ch:s=epfl]; NEURAL_HAM_MEDIUM(-1.06)[-1.062]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:620:618:1e0:1:80b2:e058:1]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.01)[-1.005]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[epfl.ch:dkim]; DKIM_TRACE(0.00)[epfl.ch:+]; DMARC_POLICY_ALLOW(-0.50)[epfl.ch,none]; NEURAL_HAM_SHORT(-0.05)[-0.049]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:559, ipnet:2001:620::/32, country:EU]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[2001:620:618:1e0:1:80b2:e058:1:from] X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jul 2020 15:41:51 -0000 --wlq4fynebpr6apl3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Dear freebsd-rc, I just recently dived into writing my own RC scripts. I have read the rc.subr(8) manpage as well as the "Practical rc.d scripting in BSD" document, and I have a few questions as to how things are what the are and how to attain a certain goal. My first questions stem from reading the limits(1) manpage. Since limits can handle both setting environment variables and the user running the command, why does setting ${name}_env and ${name}_user call respectively env(1) and su(1) ? Would it not be more elegant to simply use the corresponding flags in limits(1), since it is called anyway ? Secondly, I am trying to have the `command` of my rc script called in a specific directory. This works as expected by setting ${name}_chdir, so that doit becomes `cd ... && limits -C daemon ${command}...`. However, if I also set ${name}_user, then the command run by limits becomes `su -m $user -c 'sh -c $command'`, which completely annihilates the previous `cd ...`.=20 What is the correct way of running a command in a specific directory as a specific user ? Since settings ${name}_user seems to cancel ${name}_chdir (as well as any manual changes done in ${name}_prepend). Cheers and happy hacking, --=20 Joachim Desroches --wlq4fynebpr6apl3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEElB0ILab0vb9X09M/aLBzxSTE0YoFAl8MgLkACgkQaLBzxSTE 0Yo+MRAArZ1Z4WT9i3aQjPuaDMXkGRSfrv0EnOZtMZwFBK6Y2MhSRDfhsyvhgStu nE6kOpoJYO6zBCmbMw8ErEvQgPCO9kI+hD75FAJSOStWtDga9MXMB6y2OLXCPHND 0t6puwqdmLJu9owIWID1Y1IzIi+CTZYj2NFK48Q7Z6iLzBQZL/v8XoMXHyLwBybD t5ayhRDlH6XobLxxj8j5Lh2YHuevOfm/ZdLnpUcSAWbQRJ6cvLHCcnhw6Sdf1UHC oqWlpB6Aj6pZ5aeJDCU0jyrf1YdR/bElnGjk9Do9bEQ1S2vFh/h1m7ETqhVpoUx5 5ISzIJ7s4OwWJyj7sFW2I5+U0yorfPkmpmBFoShXX947klqS6akRx7hLlORbu5O4 feW3Rq9adtbTjow5T73DjP7Rub+92XO67eFw7iCveVK4Nv3PNRCFfrRiv/WQYTIU PAj6SECsoH2m/Ta/43khUCP8nyD+SPaULXAnjL4le0GaIY/b16AVW3jqmV/THKho acDikK0+873/K7schuIMibi7yn4t7hVHf/6rXjhOOSc8SFD+5HOyBE60jDzhhlHz xQvpNhPxGFLgblb+3KuDMcxUzi59My9I27yDkzGv304dmcGR81oCLnpVZ8z94S7Y 9FB7jJVs/h8rpVryDt9iYzDhN8q8IBIsmiNLtBHfbWjr5T427Bw= =Xnqb -----END PGP SIGNATURE----- --wlq4fynebpr6apl3--