start at boot, run as non-root
Matthew Seaman
m.seaman at infracaninophile.co.uk
Wed Mar 14 08:13:07 UTC 2012
On 14/03/2012 07:30, n dhert wrote:
> I have FreeBSD8.2.
> Sedna, an XML database server, had no port in th FreeBSD ports collection
> but has a binary compiled for FreeBSD8 on www.sedna.org.
> I installed that.
> To start it at boot I created a script /usr/local/etc/rc.d/sedna :
> -----------------------------------------------
> #!/bin/sh
> #
> # PROVIDE: sedna
> # REQUIRE: DAEMON
> # KEYWORD: shutdown
> #
> . /etc/rc.subr
>
> name="sedna"
> rcvar=${name}_enable
> command=/home/opt/sedna/bin/se_gov
>
> load_rc_config $name
>
> : ${sedna_enable="NO"}
>
> run_rc_command "$1"
> --------------------------------------------
> and added sedna_enable="YES" at the end of my /etc/rc.conf
>
> This way it starts at boot:
> $ ps -jaxww | grep se_
> root 7064 1 7064 7064 0 Is ?? 0:00.00
> /home/opt/sedna/bin/se_gov -background-mode off -listen-address localhost
> -port-number 5050 -ping-port-number 5151 -el-level 3 -alive-timeout 0
> -stack-depth 4000
> The deamon runs as root. I want it run by a non-root user, e.g. a user
> 'sedna''
>
> How can I do that?
>
> The sedna server binary se_gov has no option in its man-page to start the
> program run as a different user ..
Add a variable:
${name}_user=sedna
to the init script. The rc(8) system will use su(1) to start up the
sedna process using your selected username. There's also ${name}_group
but that works a bit differently.
I'm intrigued that this software should be supported on FreeBSD
upstream, but not appear in ports. Are there some onerous license terms
or other obstacles[*]? If not, would you consider submitting your work
as a port?
Cheers,
Matthew
[*] Seems it uses Apache licensing according to http://www.sedna.org/,
which is exceedingly FreeBSD compatible, so I don't think licensing
would be an obstacle.
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20120314/45cba476/signature.pgp
More information about the freebsd-questions
mailing list