Date: Sat, 30 Nov 2002 20:41:31 +0100 From: dslb@tiscali.dk To: questions@freebsd.org Subject: Re: login.conf problem Message-ID: <3D9FE7F600007EA7@cpfe5.be.tisc.dk>
next in thread | raw e-mail | index | archive | help
On 2002.11.30 18:24 Matthew Seaman wrote: > Hmmm... How about if you actually login as test or use 'su -l test' > rather than > just using 'su test' ? As the su(1) man page says: > > > > Resource limits > and session priority applicable to the original user's login > class (See > login.conf(5)) are also normally retained unless the target > login has a > user ID of 0. > > [...] > > > -l Simulate a full login. The environment is discarded > except for > HOME, SHELL, PATH, TERM, and USER. HOME and SHELL are > modified > as above. USER is set to the target login. PATH is > set to > ``/bin:/usr/bin''. TERM is imported from your current > environ- > ment. Environment variables may be set or overridden > from the > login class capabilities database according to the > class of the > target login. The invoked shell is the target login's, > and su > will change directory to the target login's home > directory. > Resource limits and session priority are modified to > that for the > target account's login class. Jep, now it works! Thanks :-) But that would say: If you program a daemon and root starts it, even thou= gh it drops permissions with setreuid(), it still have the root ressource pe= rmissions....!?!?! Sadly there is no easy way to drop ressource limits or is there? I know you can use setrlimit(), but you would have to fill in all fields and the= reby not using the admins login.conf setup. br socketd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D9FE7F600007EA7>