running port as non-root
Remko Lodder
remko at FreeBSD.org
Fri Nov 30 10:12:20 PST 2007
rihad wrote:
> Hi, I'm trying to run the net/openradius port as non-root
> by first changing /usr/local/etc/rc.d/openradius:
>
> . /etc/rc.subr
>
> name="openradius"
> rcvar=`set_rcvar`
>
> load_rc_config ${name}
>
> : ${openradius_enable="NO"}
> : ${openradius_flags="-o /var/log/openradius.log"}
>
> -command=/usr/local/sbin/radiusd
> +command=/usr/local/bin/sudo
> +flags="-u radius /usr/local/sbin/radiusd"
>
> run_rc_command "$1"
>
> (Lines marked with -/+ were removed/added by me, respectively).
>
> Then I add the radius user, allow it to run without sudo's asking for
> the password, and finally start the thing up:
> # pw useradd radius -d /nonexistent -s /usr/sbin/nologin
> # visudo
> # ... do the necessary chown/chmod on openradius logs/dictionaries ...
> # /usr/local/etc/rc.d/openradius start
>
> All fine so far: everything starts up fine and runs. The problem starts
> here:
> # /usr/local/etc/rc.d/openradius stop
> openradius not running?
> # ps -auxww | fgrep radiusd
> radius 89300 0.0 0.0 3756 1588 ?? Is 10:56AM 0:00.00
> /usr/local/sbin/radiusd
> ...
>
> any built-in way to make "stop" work, without changing rc.d/ too much?
>
> Thanks.
probably the user does not have rights to write /var/run/radiusd.pid or
whatever pid file it uses, I think the ``stop`` command cats that file
and seeks for the PID in the processtree and kills it { sort off }.
hope this helps!
--
/"\ Best regards, | remko at FreeBSD.org
\ / Remko Lodder | remko at EFnet
X http://www.evilcoder.org/ |
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-ports
mailing list