Subject: Running daemon as non-root user from rc.d?
To: None <netbsd-help@netbsd.org>
From: Amadeus Stevenson <amadeus.stevenson@gmail.com>
List: netbsd-help
Date: 05/25/2006 13:12:58
Hello,

I was wondering how daemons like apache run as non-root users (www for example)?

I have a non-pkgsrc rc.d script that contains:

                if [ "$who" = root ]
                then
                   su $SQUIDUSER -c "$SQUIDDIR/bin/daemonx $D_OPTIONS -c $SQUIDDIR/etc/daemonx.conf"
                else
                   $SQUIDDIR/bin/daemonx $D_OPTIONS -c $SQUIDDIR/etc/daemonx.conf
                fi

The problem is that $SQUIDUSER has /sbin/nologin as its shell, so su fails.

In the end this daemon has worker threads which *are* run as
$SQUIDUSER from squid, and the daemon gets swapped out. Does this mean
I don't have to worry? The daemonx has no open files (from fstat), nor
can I "see" it in ps -ax.

Running 'fstat | grep squid' shows a lot of open files

squid    squid      22170   13 /          11441 -rw-r--r--   76201 w
...

but also

root     squid      18646   wd /usr      304131 drwxr-xr-x     512 r
root     squid      18646    0 /          19964 crw-rw-rw-    null rw
root     squid      18646    1 /          19964 crw-rw-rw-    null rw
root     squid      18646    2 /          19964 crw-rw-rw-    null rw
root     squid      18646    3 /          19964 crw-rw-rw-    null rw
root     squid      18646    4* unix dgram c06633c0 <-> c066ca80

Is this from /etc/rc.d when it is loaded as root?

Thanks for any help,

Amadeus
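
Added example (not part of the original message): a small sh/awk filter that summarises fstat output per PID for one command and marks any process not owned by the expected user, run here on the fstat lines quoted in the message. The function names and the output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-PID ownership summary of fstat(1) output for one command.

# Constructed sample input: the fstat lines quoted in the message above.
sample_fstat() {
cat <<'EOF'
squid    squid      22170   13 /          11441 -rw-r--r--   76201 w
root     squid      18646   wd /usr      304131 drwxr-xr-x     512 r
root     squid      18646    0 /          19964 crw-rw-rw-    null rw
root     squid      18646    1 /          19964 crw-rw-rw-    null rw
root     squid      18646    2 /          19964 crw-rw-rw-    null rw
root     squid      18646    3 /          19964 crw-rw-rw-    null rw
root     squid      18646    4* unix dgram c06633c0 <-> c066ca80
EOF
}

# fstat_owner_audit CMD USER
#   Reads fstat output on stdin. For every PID whose CMD column equals CMD,
#   prints: PID OWNER fds=<open entries> stdio_null=<fds 0-2 on null> STATUS
#   where STATUS is OK if OWNER equals USER, otherwise UNEXPECTED_USER.
fstat_owner_audit() {
    awk -v cmd="$1" -v want="$2" '
        # Skip other commands and anything without a numeric PID (headers, "...").
        $2 != cmd || $3 !~ /^[0-9]+$/ { next }
        {
            owner[$3] = $1          # USER column
            nfd[$3]++               # one line per open file, socket or wd
            # Descriptors 0, 1 and 2 open on the null device.
            if ($4 ~ /^[012]$/ && $(NF-1) == "null") devnull[$3]++
        }
        END {
            for (pid in owner)
                printf "%s %s fds=%d stdio_null=%d %s\n",
                       pid, owner[pid], nfd[pid], devnull[pid],
                       (owner[pid] == want ? "OK" : "UNEXPECTED_USER")
        }' | sort -n                # awk iteration order is unspecified
}

# Stand-alone run on the sample; the squid processes are expected to run as "squid".
sample_fstat | fstat_owner_audit squid squid
```

On a live system the same filter reads real output: `fstat | fstat_owner_audit squid squid`.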