/usr/local/etc/rc.d/ scripts and non-root user
Zbigniew Szalbot
zszalbot at gmail.com
Wed Feb 6 16:57:26 UTC 2008
2008/2/6, Alex Zbyslaw <xfb52 at dial.pipex.com>:
> Zbigniew Szalbot wrote:
>
> >I have looked at my /usr/local/etc/rc.d/ and realized that the symlink
> >I put there has the root as owner. It all works but I would rather use
> >a non-root user for to run that script.
> >
> >$ ls -l /usr/local/etc/rc.d/
> >lrwxr-xr-x 1 root wheel 40 May 9 2007 sender.sh ->
> >/usr/home/api/sender/start.sh
> >
> There's one more potential mistake you are making here. Who the script
> runs as has nothing at all to do with who owns the script unless setuid
> or setgid bits are set. They would be set on the script itself and not
> the symlink, so we'd need to see
>
> ls -lL /usr/local/etc/rc.d/sender.sh
>
> to know what was set or not.
$ ls -lL /usr/local/etc/rc.d/sender.sh
-rwxr-xr-x 1 api wheel 604 May 8 2007 /usr/local/etc/rc.d/sender.sh
I have never really understood the thing about setuids, gid and etc. :)
I am not planning a restart so won't try it but I am pretty sure that
logs are created by root unless the api is started manually. No big
deal really but thanks for all the suggestions!
Zbigniew Szalbot
More information about the freebsd-questions
mailing list