/usr/local/etc/rc.d/ scripts and non-root user

Alex Zbyslaw xfb52 at dial.pipex.com
Wed Feb 6 17:09:57 UTC 2008

Zbigniew Szalbot wrote:

>Thank you. I realized this was the case before I wrote previous
>message. The thing is the real file is owned by user api. However,
>when the application is started following a reboot, its logs are
>created by user root, whereas when I start it by hand as user api, its
>logs are owned by user api. So it once caused me a problem because the
>existing log file was owned by root and I stopped then started this
>particular software by hand as user api. Needless to say, it panicked
>about not being able to log what it was doing.
>I wonder that indeed a better solution may be to use cron for
>automatic startups, which Lowell rightly pointed out to me. I just
>loved the simplicity of symlinking sh scripts against
>/usr/local/etc/rc.d/ :)
I personally much prefer scripts in rc.d because it's much easier to 
migrate than crontabs, and if I never use a crontab I always know where 
to look.

It looks to me like you shouldn't be starting the demon as user api - 
startups scripts should always be started as root.  If the demon or 
whatever is supposed to run as api not root, then perhaps your script 
should say e.g.

    su api -c the-path-to-the-demon-or-whatever

root can su to whoever without a password, and api can su to api without 
a password, and everyone else gets prompted.


More information about the freebsd-questions mailing list