start at boot, run as non-root

Matthew Seaman m.seaman at infracaninophile.co.uk
Wed Mar 14 08:13:07 UTC 2012 

On 14/03/2012 07:30, n dhert wrote:
> I have FreeBSD8.2.
> Sedna, an XML database server, had no port in th FreeBSD ports collection
> but has a binary compiled for FreeBSD8 on www.sedna.org.
> I installed that.
> To start it at boot I created a script /usr/local/etc/rc.d/sedna :
> -----------------------------------------------
> #!/bin/sh
> #
> # PROVIDE: sedna
> # REQUIRE: DAEMON
> # KEYWORD: shutdown
> #
> . /etc/rc.subr
> 
> name="sedna"
> rcvar=${name}_enable
> command=/home/opt/sedna/bin/se_gov
> 
> load_rc_config $name
> 
> : ${sedna_enable="NO"}
> 
> run_rc_command "$1"
> --------------------------------------------
> and added sedna_enable="YES" at the end of my /etc/rc.conf
> 
> This way it starts at boot:
> $ ps -jaxww | grep se_
> root        7064     1  7064  7064    0 Is    ??    0:00.00
> /home/opt/sedna/bin/se_gov -background-mode off -listen-address localhost
> -port-number 5050 -ping-port-number 5151 -el-level 3 -alive-timeout 0
> -stack-depth 4000
> The deamon runs as root. I want it run by a non-root user, e.g. a user
> 'sedna''
> 
> How can I do that?
> 
> The sedna server binary se_gov has no option in its man-page to start the
> program run as a different user ..

Add a variable:

${name}_user=sedna

to the init script.  The rc(8) system will use su(1) to start up the
sedna process using your selected username.  There's also ${name}_group
but that works a bit differently.

I'm intrigued that this software should be supported on FreeBSD
upstream, but not appear in ports.  Are there some onerous license terms
or other obstacles[*]?  If not, would you consider submitting your work
as a port?

	Cheers,

	Matthew

[*] Seems it uses Apache licensing according to http://www.sedna.org/,
which is exceedingly FreeBSD compatible, so I don't think licensing
would be an obstacle.

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20120314/45cba476/signature.pgp

More information about the freebsd-questions mailing list