Date: Wed, 22 Oct 2008 12:58:46 -0400 From: John Almberg <jalmberg@identry.com> To: Matthew Seaman <m.seaman@infracaninophile.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: mysql connection through ssl tunnel Message-ID: <6D143252-2508-4317-A6BE-5D157CDD44A9@identry.com> In-Reply-To: <48FF54F7.6000506@infracaninophile.co.uk> References: <8B945891-5F96-4FBF-8175-15F67F03DD92@identry.com> <48D8F881.1010000@unsane.co.uk> <912A74FB-0292-4A53-B480-34FE69D9C465@identry.com> <20081020212103.GA13334@icarus.home.lan> <007ABF71-6D85-4849-A9E7-933D18236EE8@identry.com> <48FD8876.5090805@infracaninophile.co.uk> <51D1673D-4689-4F9A-8217-CFC5C58A1145@identry.com> <33DD5BC0-7D57-4530-BB59-46E2D7A43F1A@identry.com> <65233E01-1617-4C93-91ED-394330F31AA4@identry.com> <48FF54F7.6000506@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
>> Answering my own question (probably the best way)...
>> I solved this problem by figuring out how to execute the command
>> inside the rc script as a non-root user. Like so:
>> autossh_start()
>> {
>> echo "${command} ${command_args}"
>> su admin -c "${command} ${command_args}"
>> echo "started autossh"
>> }
>> This works beautifully, so I almost hesitate to ask, but is there
>> anything wrong with this approach?
>
> Nothing, except you're re-inventing the wheel. rc.subr already
> has a mechanism for running commands as another user. Instead
> of defining a new start() function, simply add something like:
>
> : ${autossh_user:='admin'}
>
> towards the top of the script. (This also means you can override
> the setting by defining 'autossh_user="someoneelse"' in /etc/rc.conf
> in the usual way)
>
Ah, fascinating. Now that I know what I'm looking for, I can see that
in the rc.subr man page.
Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6D143252-2508-4317-A6BE-5D157CDD44A9>