Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 24 Dec 2010 14:36:15 +1000
From:      Da Rock <freebsd-questions@herveybayaustralia.com.au>
To:        freebsd-questions@freebsd.org
Subject:   Re: rc.d and environment variables
Message-ID:  <4D14233F.4070107@herveybayaustralia.com.au>
In-Reply-To: <20101224035041.GF16472@admin.sibptus.tomsk.ru>
References:  <20101223172752.GA8539@admin.sibptus.tomsk.ru>	<20101223201249.ea7648aa.freebsd@edvax.de>	<20101223191443.GA24653@gizmo.acns.msu.edu>	<20101224031352.GB16472@admin.sibptus.tomsk.ru>	<20101224042542.3e21a6df.freebsd@edvax.de> <20101224035041.GF16472@admin.sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 12/24/10 13:50, Victor Sudakov wrote:
> Polytropon wrote:
>    
>>> Of course I can always write my own script or put something like
>>> su -l svn -c 'usr/local/bin/svnserve -d --listen-port=3690 bla bla'
>>> into /etc/rc.local, but the question was about the rc.d framework.
>>>        
>> Environmental variables cannot be controlled by the rc.d
>> framework, as far as I understand. Using login classes to
>> define them should be the correct way.
>>
>> > From "man login.conf":
>>
>> 	setenv	list	A comma-separated list of
>> 			environment variables and
>> 			values to which they are to
>> 			be set.
>>      
> I thought of that, and in fact I wrote about it in the very first
> message:
>
>    
>>> I tried to do this via a login class for the svn user, but it did
>>> not work. If I first 'su -l svn' and then start the daemon
>>> manually, the environment variable is set all right, but not when
>>> it is started from /usr/local/etc/rc.d/svnserve.
>>>        
>    
>> What did you enter for the svnserve user in /etc/login.conf,
>>      
> svn:\
>          :setenv=KRB5_KTNAME=~/svn.keytab:\
>          :tc=default:
>
>
>    
>> and did you make sure there is no override setting in the
>> corresponding user's ~/.login.conf?
>>      
> I am pretty sure because when I login interactively as svn, I see
>
> $ whoami
> svn
> $ printenv | grep KT
> KRB5_KTNAME=/home/svn/svn.keytab
> $
>
> But it does not work for the rc.d script.
>
>    
Doesn't the rc.d script run as root initially and then a method (default 
flags, etc) is used to change the owner to a nobody (restricted 
privilege user)? Just my 2c, but please correct me if I'm wrong.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D14233F.4070107>