/usr/local/etc/rc.d/ scripts and non-root user
Alex Zbyslaw
xfb52 at dial.pipex.com
Wed Feb 6 17:09:57 UTC 2008
Zbigniew Szalbot wrote:
>Thank you. I realized this was the case before I wrote previous
>message. The thing is the real file is owned by user api. However,
>when the application is started following a reboot, its logs are
>created by user root, whereas when I start it by hand as user api, its
>logs are owned by user api. So it once caused me a problem because the
>existing log file was owned by root and I stopped then started this
>particular software by hand as user api. Needless to say, it panicked
>about not being able to log what it was doing.
>
>I wonder that indeed a better solution may be to use cron for
>automatic startups, which Lowell rightly pointed out to me. I just
>loved the simplicity of symlinking sh scripts against
>/usr/local/etc/rc.d/ :)
>
>
I personally much prefer scripts in rc.d because it's much easier to
migrate than crontabs, and if I never use a crontab I always know where
to look.
It looks to me like you shouldn't be starting the demon as user api -
startups scripts should always be started as root. If the demon or
whatever is supposed to run as api not root, then perhaps your script
should say e.g.
su api -c the-path-to-the-demon-or-whatever
root can su to whoever without a password, and api can su to api without
a password, and everyone else gets prompted.
--Alex
More information about the freebsd-questions
mailing list