On Wed, Aug 25, 1999 at 09:44:34AM +0200, Jozef Hitzinger wrote:
>
> Maybe I should add how it works:
>
> On the machine to which the ups is connected via serial cable, two daemons
> start at boot:
>
> - <model>: hardware dependent, implements standard functions
nobody.dialout (sgid)
> - upsd: intermediates communication between <model> and other
> ups-monitoring clients (they differ - from simple ones, which just
> print out ups stats, to upsmon, which runs all the time and if the battery
> goes low, shutdowns the system; this one has to be root).
nobody.whatever or root.whatever as necessary. nobody.nobody or user.user
would work fine for the simplest one (print UPS stats on demand you
said?), but permissions would vary based on what's being done.
> <model> & upsd doesn't need to be root, the desired id under which they'll
> run can be configured before compilation.
See about getting upstream to make it dynamic, that would help a lot.
Still, given that the only special privs <model> needs are the ability to
access a serial port sgid dialout is not unreasonable.
--
Joseph Carter <knghtbrd@debian.org> Debian GNU/Linux developer
GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3
PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77 8E E2 29 96 C9 44 5F BE
--------------------------------------------------------------------------
<Knghtbrd> Granted, RMS is a fanatic, I don't deny this. I'll even say
he's a royal pain in the arse most of the time. But he's
still more often right than not, and he deserves some level of
credit and respect for his work. We would NOT be here today
without him.
Attachment:
pgp4NBcXmi0RB.pgp
Description: PGP signature