Subject: Running daemon as non-root user from rc.d?
To: None <netbsd-help@netbsd.org>
From: Amadeus Stevenson <amadeus.stevenson@gmail.com>
List: netbsd-help
Date: 05/25/2006 13:12:58
Hello,
I was wondering how daemons like apache run as non-root users (www for exam=
ple)?
I have a non-pkgsrc rc.d script that contains:
if [ "$who" =3D root ]
then
su $SQUIDUSER -c "$SQUIDDIR/bin/daemonx $D_OPTIONS -c $
SQUIDDIR/etc/daemonx.conf"
else
$SQUIDDIR/bin/daemonx $D_OPTIONS -c
$SQUIDDIR/etc/daemonx.conf
fi
The problem is that $SQUIDUSER has /sbin/nologin as its shell, so su fails.
In the end this daemon has worker threads which *are* run as
$SQUIDUSER from squid, and the daemon gets swapped out. Does this mean
I don't have to worry? The deamonx has no open files (from fstat, nor
can I "see" it in ps -ax.
Running 'fstat | grep squid' shows a lot of open files
squid squid 22170 13 / 11441 -rw-r--r-- 76201 w
...
but also
root squid 18646 wd /usr 304131 drwxr-xr-x 512 r
root squid 18646 0 / 19964 crw-rw-rw- null rw
root squid 18646 1 / 19964 crw-rw-rw- null rw
root squid 18646 2 / 19964 crw-rw-rw- null rw
root squid 18646 3 / 19964 crw-rw-rw- null rw
root squid 18646 4* unix dgram c06633c0 <-> c066ca80
Is this from /etc/rc.d when it is loaded as root?
Thanks for any help,
Amadeus