On Mon, Aug 25, 2003 at 07:00:03PM -0500, Jerry Haltom wrote:
> I'm curious how many "wtf are you thinking?" reactions can be gathered
> for the idea of a per-user init.d system?
>
> I see this need a bit, for users who do development with various
> services, but admin's not wanting to give them root for one reason or
> another. Such as, apache or other web servers. Fetchmail?
>
> (yes I realize fetchmail could be started from cron, which notably also
> has a similar per user idea)
>
> /var/lib/user-init/${uid}/init.d
> /var/lib/user-init/%{uid}/rc${runlevel}.d
>
> Would be started from /etc/init.d/user-init. Script would run in each
> runlevel and run each user's various scripts just like a normal init
> sequence, except chuid'd.
>
> So, how insane am I?
Quite :-)
One can't start or stop anything that requires a port under 1024 (such
as apache) without root permissions. You'll have to give them those, no
other option.
You do have the option to go with sudo, however. Sudo allows you to
specify exactly which commands a user may or may not restart; you could
say that a user might run commands of this type:
/etc/init.d/apache .*
<some editor> /etc/apache/httpd.conf
Watch out for editors, though. Most editors allow you to start shells,
open other files, etc. You'll have to look for one who doesn't.
--
Wouter Verhelst
Debian GNU/Linux -- http://www.debian.org
Nederlandstalige Linux-documentatie -- http://nl.linux.org
"Stop breathing down my neck." "My breathing is merely a simulation."
"So is my neck, stop it anyway!"
-- Voyager's EMH versus the Prometheus' EMH, stardate 51462.
Attachment:
pgpbQzCJxRsCd.pgp
Description: PGP signature