/usr/local/etc/rc.d/ scripts and non-root user
xfb52 at dial.pipex.com
Wed Feb 6 17:19:16 UTC 2008
Zbigniew Szalbot wrote:
>I have never really understood the thing about setuids, gid and etc. :)
>I am not planning a restart so won't try it but I am pretty sure that
>logs are created by root unless the api is started manually. No big
>deal really but thanks for all the suggestions!
It's very simple really. When you run a program it always runs as the
user who you are right now. So if you are zbigniew a program you
execute runs as you. If you have su'ed or logged in as root, it runs as
In order to run the program, the user who you are must have the right
permissions - i.e. they must have an x bit set. If the program file is
owned by the same user as who you are, then you look at the first 3
permissions bits; otherwise if you are in the same group as the program
file you look at the next three bits; everyone else looks at the last
three bits. (Bits as in pieces, not as in 1/8th of a byte).
Some programs need to run as specific users or with a specific group.
E.g. shutdown must run as root. You make the file owned by root and set
the setuid bit. The permissions might then look like:
root wheel r-s-r-x--- shutdown
The s replaces the x to show that the file is both executable by root
Both root and anyone in group wheel can now run shutdown. and the setuid
bit says that *whoever* runs the program will run it as if they were root.
It's very similar for groups.
More information about the freebsd-questions