Date:      Sun, 20 Jun 2021 10:02:32 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 256728] rc.subr: ${name}_user uses "su -m" that invokes root shell instead of /bin/sh
Message-ID:  <bug-256728-7788@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256728

            Bug ID: 256728
           Summary: rc.subr: ${name}_user uses "su -m" that invokes root
                    shell instead of /bin/sh
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Ports Framework
          Assignee: portmgr@FreeBSD.org
          Reporter: eugen@freebsd.org
                CC: ports-bugs@FreeBSD.org

The port net/p2p/transmission-daemon is an example of a service that utilizes
the <name>_user rc.conf setting. Also, it supports writing debugging logs to
pre-opened (redirected to a file) STDERR by means of the environment variable
TR_DEBUG_FD=2, but our framework uses "su -m" for such services, executing the
root shell that defaults to stock csh (contrib/tcsh) that closes its file
descriptor 2 at start.

Note there is some kind of work-around if we do not use login classes and/or
limits for the service, then add to /etc/rc.conf

transmission_chroot="/"

So "chroot -u transmission /" is used to substitute user instead of "su -m" and
chroot(8) is documented not to use root shell but SHELL=/bin/sh. And /bin/sh
keeps redirected STDERR open in such case.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
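
Added example, not part of the original bug report or of rc.subr: a small POSIX sh probe that tells whether a given user-switching launcher passes the caller's redirected descriptor 2 on to the process it finally starts. The names fd2_survives, drop_fd2 and report are constructed for illustration; the su and chroot invocations in the closing comment are the two launchers named in the report.

```sh
#!/bin/sh
# Added example (not from the bug report): check whether a launcher hands the
# caller's redirected descriptor 2 through to the process it finally starts.

# fd2_survives LAUNCHER [ARG...]
# Appends one command string to the launcher, runs it with fd 2 redirected to
# a temporary file, and returns 0 only if the child's write to fd 2 arrived.
fd2_survives() {
    _log=$(mktemp) || return 2
    _marker="fd2-probe-$$"
    # Wrapped in /bin/sh -c '...' so the string means the same thing whether
    # the launcher's shell is csh or sh (in csh, ">&" redirects to a file).
    _cmd="/bin/sh -c 'echo $_marker 1>&2'"
    "$@" "$_cmd" 2>"$_log" </dev/null >/dev/null || :
    if grep -q "$_marker" "$_log"; then _rc=0; else _rc=1; fi
    rm -f "$_log"
    return "$_rc"
}

# Constructed stand-in for a launcher whose shell starts without descriptor 2.
drop_fd2() { /bin/sh -c "$1" 2>&-; }

# Print a one-line verdict for a launcher.
report() {
    if fd2_survives "$@"; then
        echo "fd 2 kept: $*"
    else
        echo "fd 2 lost: $*"
    fi
}

# These two run anywhere and need no privileges:
report /bin/sh -c
report drop_fd2
# On the FreeBSD host, as root, the two launchers from the report would be:
#   report su -m transmission -c
#   report chroot -u transmission / /bin/sh -c
```

A "fd 2 lost" verdict for a launcher means a service started through it cannot write to a log that the caller pre-opened on STDERR, which is the TR_DEBUG_FD=2 case described above.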


