From owner-freebsd-security Thu Feb 17 10:20:43 2000 Delivered-To: freebsd-security@freebsd.org Received: from testbed.baileylink.net (testbed.baileylink.net [63.71.213.24]) by hub.freebsd.org (Postfix) with ESMTP id 685D837B6F8 for ; Thu, 17 Feb 2000 10:20:38 -0800 (PST) (envelope-from brad@testbed.baileylink.net) Received: (from brad@localhost) by testbed.baileylink.net (8.9.3/8.9.3) id MAA15728 for freebsd-security@freebsd.org; Thu, 17 Feb 2000 12:21:40 -0600 (CST) (envelope-from brad) Date: Thu, 17 Feb 2000 12:21:40 -0600 From: Brad Guillory To: freebsd-security@freebsd.org Subject: Re: Nonpriveleged daemons and pid files Message-ID: <20000217122140.D11118@baileylink.net> References: <00021720524101.23691@newbee.web2000.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <00021720524101.23691@newbee.web2000.ru>; from novikov@webclub.ru on Thu, Feb 17, 2000 at 08:47:26PM +0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Write a startup script for the application that "touch"es the pid file then "chown"s it to the appriopriate user. Or make a daemon group and put all the daemons in it, then chgrp the /var/run directory to daemon group and chmod it to 775. (Sorry neither are tested.) BMG On Thu, Feb 17, 2000 at 08:47:26PM +0300, Andrey Novikov wrote: > Hello, > > now more and more daemons can be run from non-priveleged > account - BIND, MTAs, DBMS'es and so on, but it > sometimes leads to two minor problems - either this daemon > can't create pid file in /var/run or it can't update it on > restart. What is the common way to overcome that problem - > it's very convinient to store them in one place. > > Andrey Novikov > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message