correct use of su

On 11 May 2014 03:13, Matthias Urlichs <matthias@urlichs.de> wrote:

"su" does a bunch of things that are perfectly appropriate for something
that creates a "new" login. That's its job.

I am still a bit confused, isn't this only when you use the "-l" su flag?

Does su do stuff (e.g. pam session stuff) even without the -l flag?

Running a daemon under its own UID is an almost-completely different
problem. We already have a tool which does this (start-stop-daemon),
which has been recommended for this task for umpteen years, and which still
works if there is no .service file – for whatever reason.

As a debian developer I was unaware of this.

What about the task of running a short program for a brief duration, e.g. from cron scripts? Is using su considered acceptable?

e.g. /etc/cron.daily/spamassassin on wheezy has numerous references to su. I think there might be other packages, this is just one I could find the quickest.

The name "start-stop-daemon" would suggest this is inappropriate for cron jobs, is that an invalid assumption I made?

(please don't turn this into a systemd debate - I simply want to know what is considered best practise for Debian packaging)

--
Brian May <brian@microcomaustralia.com.au>