[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#779708: Client for updating dynamic hostname mappings for dy.fi

On Thu, Mar 26, 2015 at 11:20 PM, Timo Juhani Lindfors
<timo.lindfors@iki.fi> wrote:
> Eugene Zhukov <jevgeni.zh@gmail.com> writes:
>>> 2) Does the service really need to run as root?
>>>
>> No, and this is even mentioned in upstream readme. It needs to create
>> a pid file though. Any hint/pointer on how to change the packaging to
>> not run it as root?
>
> You probably need to create a new user in the packaging. Then modify the
> daemon to implement --user <username> option that drops the privileges
> after writing the pid file and reading the configuration file. Quick
> google finds
>
> http://search.cpan.org/~tlbdk/Privileges-Drop-1.03/lib/Privileges/Drop.pm
>
> which seems to be in debian as libprivileges-drop-perl.
>
I refactored the daemon so that it runs as dyfi user now with
systemd-as-init. With SysV as init it still runs as root. It looks
like too much hassle/effort to me since I'm not familiar with init
scripting.
If you think it's a must, I can implement privileges-drop for SysV,
otherwise could you please upload it to NEW?

Thank you very much for the hints,
Eugene
Reply to: