Date: Wed, 6 Feb 2008 17:57:23 +0100 From: "Zbigniew Szalbot" <zszalbot@gmail.com> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user Message-ID: <94136a2c0802060857k25e55a5bw4c7743cc05dae6bd@mail.gmail.com> In-Reply-To: <47A9E568.9040406@dial.pipex.com> References: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> <47A9E568.9040406@dial.pipex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2008/2/6, Alex Zbyslaw <xfb52@dial.pipex.com>: > Zbigniew Szalbot wrote: > > >I have looked at my /usr/local/etc/rc.d/ and realized that the symlink > >I put there has the root as owner. It all works but I would rather use > >a non-root user for to run that script. > > > >$ ls -l /usr/local/etc/rc.d/ > >lrwxr-xr-x 1 root wheel 40 May 9 2007 sender.sh -> > >/usr/home/api/sender/start.sh > > > There's one more potential mistake you are making here. Who the script > runs as has nothing at all to do with who owns the script unless setuid > or setgid bits are set. They would be set on the script itself and not > the symlink, so we'd need to see > > ls -lL /usr/local/etc/rc.d/sender.sh > > to know what was set or not. $ ls -lL /usr/local/etc/rc.d/sender.sh -rwxr-xr-x 1 api wheel 604 May 8 2007 /usr/local/etc/rc.d/sender.sh I have never really understood the thing about setuids, gid and etc. :) I am not planning a restart so won't try it but I am pretty sure that logs are created by root unless the api is started manually. No big deal really but thanks for all the suggestions! Zbigniew Szalbot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?94136a2c0802060857k25e55a5bw4c7743cc05dae6bd>