Le 07/07/13 01:55, Lars Schotte a écrit :
On Sat, 06 Jul 2013 23:47:46 +0200 Jean-Yves Migeon <jeanyves.migeon%free.fr@localhost> wrote:If they upgrade the system but forget passwd/group, hmm, they are shooting themselves in the foot; it is part of the postinstall/etcupdate dance. IMHO the checks in the code are not really worth it.why? either it will run with the user nobody,
The last patch I saw was clearly checking for the presence of _rtadvd, and if the getpwnam call failed, continue as usual (no setuid, no chroot).Dropping to nobody is acceptable as failsafe; indeed not as good as having a dedicated user, but ok. You still have to log for the absence of _rtadvd though.
or the system can check if the user exists and if not, then create it. like it does when you install some webserver or software like that, so i do not see any problem in that
> matter.Bad idea for a daemon; it is something more suitable for the package system rather than the daemon itself.
Cheers, -- Jean-Yves Migeon