Date: Fri, 24 Dec 2010 14:36:15 +1000 From: Da Rock <freebsd-questions@herveybayaustralia.com.au> To: freebsd-questions@freebsd.org Subject: Re: rc.d and environment variables Message-ID: <4D14233F.4070107@herveybayaustralia.com.au> In-Reply-To: <20101224035041.GF16472@admin.sibptus.tomsk.ru> References: <20101223172752.GA8539@admin.sibptus.tomsk.ru> <20101223201249.ea7648aa.freebsd@edvax.de> <20101223191443.GA24653@gizmo.acns.msu.edu> <20101224031352.GB16472@admin.sibptus.tomsk.ru> <20101224042542.3e21a6df.freebsd@edvax.de> <20101224035041.GF16472@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/24/10 13:50, Victor Sudakov wrote: > Polytropon wrote: > >>> Of course I can always write my own script or put something like >>> su -l svn -c 'usr/local/bin/svnserve -d --listen-port=3690 bla bla' >>> into /etc/rc.local, but the question was about the rc.d framework. >>> >> Environmental variables cannot be controlled by the rc.d >> framework, as far as I understand. Using login classes to >> define them should be the correct way. >> >> > From "man login.conf": >> >> setenv list A comma-separated list of >> environment variables and >> values to which they are to >> be set. >> > I thought of that, and in fact I wrote about it in the very first > message: > > >>> I tried to do this via a login class for the svn user, but it did >>> not work. If I first 'su -l svn' and then start the daemon >>> manually, the environment variable is set all right, but not when >>> it is started from /usr/local/etc/rc.d/svnserve. >>> > >> What did you enter for the svnserve user in /etc/login.conf, >> > svn:\ > :setenv=KRB5_KTNAME=~/svn.keytab:\ > :tc=default: > > > >> and did you make sure there is no override setting in the >> corresponding user's ~/.login.conf? >> > I am pretty sure because when I login interactively as svn, I see > > $ whoami > svn > $ printenv | grep KT > KRB5_KTNAME=/home/svn/svn.keytab > $ > > But it does not work for the rc.d script. > > Doesn't the rc.d script run as root initially and then a method (default flags, etc) is used to change the owner to a nobody (restricted privilege user)? Just my 2c, but please correct me if I'm wrong.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D14233F.4070107>