On Thu, Mar 26, 2015 at 11:20 PM, Timo Juhani Lindfors <timo.lindf...@iki.fi> wrote: > Eugene Zhukov <jevgeni...@gmail.com> writes: >>> 2) Does the service really need to run as root? >>> >> No, and this is even mentioned in upstream readme. It needs to create >> a pid file though. Any hint/pointer on how to change the packaging to >> not run it as root? > > You probably need to create a new user in the packaging. Then modify the > daemon to implement --user <username> option that drops the privileges > after writing the pid file and reading the configuration file. Quick > google finds > > http://search.cpan.org/~tlbdk/Privileges-Drop-1.03/lib/Privileges/Drop.pm > > which seems to be in debian as libprivileges-drop-perl. > I refactored the daemon so that it runs as dyfi user now with systemd-as-init. With SysV as init it still runs as root. It looks like too much hassle/effort to me since I'm not familiar with init scripting. If you think it's a must, I can implement privileges-drop for SysV, otherwise could you please upload it to NEW?
Thank you very much for the hints, Eugene -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org