Date: Wed, 6 Feb 2008 17:49:00 +0100 From: "Zbigniew Szalbot" <zszalbot@gmail.com> To: "Alex Zbyslaw" <xfb52@dial.pipex.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: /usr/local/etc/rc.d/ scripts and non-root user Message-ID: <94136a2c0802060849o1dfb3f6ek67d7d41db5d99102@mail.gmail.com> In-Reply-To: <47A9E373.80300@dial.pipex.com> References: <94136a2c0802060751o7952c2f8w639139271c946e98@mail.gmail.com> <47A9E373.80300@dial.pipex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Alex, 2008/2/6, Alex Zbyslaw <xfb52@dial.pipex.com>: > Zbigniew Szalbot wrote: > > >Hello, > > > >I have looked at my /usr/local/etc/rc.d/ and realized that the symlink > >I put there has the root as owner. It all works but I would rather use > >a non-root user for to run that script. > > > >$ ls -l /usr/local/etc/rc.d/ > >lrwxr-xr-x 1 root wheel 40 May 9 2007 sender.sh -> > >/usr/home/api/sender/start.sh > > > >So I tried: > >$ sudo chown api /usr/local/etc/rc.d/sender.sh > > > >No error but no change either. The original start.sh file has user api > >but the symlink is owned by root. > > > >How can I make sure that the file is indeed run as user api? > > > > > AFAIK, the owner of a symlink is completely irrelevant. All accesses to > the file are checked against the permissions of the file pointed to, not > the symlink. (Same if the target of a symlink is a directory). Once > upon a time I'm sure all symlinks were owned by root, but could be > misremembering. > > When you ran your chown, it did nothing at all > > From man chown > > Symbolic links named by arguments are silently left > unchanged unless -h is used. > > If you really care; say you want a find -user api to find that symlink then > > chown -h api /usr/local/etc/rc.d/sender.sh > > should do what you want. Thank you. I realized this was the case before I wrote previous message. The thing is the real file is owned by user api. However, when the application is started following a reboot, its logs are created by user root, whereas when I start it by hand as user api, its logs are owned by user api. So it once caused me a problem because the existing log file was owned by root and I stopped then started this particular software by hand as user api. Needless to say, it panicked about not being able to log what it was doing. I wonder that indeed a better solution may be to use cron for automatic startups, which Lowell rightly pointed out to me. I just loved the simplicity of symlinking sh scripts against /usr/local/etc/rc.d/ :) Thank you! Zbigniew Szalbot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?94136a2c0802060849o1dfb3f6ek67d7d41db5d99102>