Re: I don't want to run bearerbox as root

Sat, 16 Feb 2002 17:28:36 -0800 

Hi!

I use the following script to run kannel as non-root user (its a adaptation
from
gatewway/utils/kannel-init.d):

>>>>>>>>>>> start kannel-init.d


#!/bin/sh
# Start/stop the kannel boxes: One bearer box and one SMS box.

# Make sure that the kannel binaries can be found in $BOXPATH or somewhere
# else along $PATH.  run_kannel_box has to be in $BOXPATH.

BOXPATH=/opt/kannel/sbin
PIDFILES=/opt/kannel/pid
CONF=/opt/kannel/conf/kannel.conf

USER=kannel
VERSION=""


RB=run_kannel_box
BB=bearerbox
WB=wapbox
SB=smsbox
SSD=start-stop-daemon

PATH=$BOXPATH:$PATH

# On Debian, the most likely reason for the bearerbox not being available
# is that the package is in the "removed" or "unconfigured" state, and the
# init.d script is still around because it's a conffile.  This is normal,
# so don't generate any output.
test -x $BOXPATH/$BB || exit 0

case "$1" in
  start)
    echo -n "Starting kannel gateway: bearerbox"

    sudo -u $USER $SSD --start --quiet --pidfile
$PIDFILES/kannel_bearerbox.pid --exec $BOXPATH/$RB -- --pidfile $PIDF
ILES/kannel_bearerbox.pid $BB -- $CONF
    echo -n " smsbox"
    sudo -u $USER $SSD --start --quiet --pidfile
$PIDFILES/kannel_smsbox.pid --exec $BOXPATH/$RB -- --pidfile $PIDFILE
S/kannel_smsbox.pid $SB -- $CONF
    echo "  [OKAY]"
    ;;

  stop)
    echo -n "Stopping gateway: "
    echo -n " smsbox"
    $SSD --stop --quiet --pidfile $PIDFILES/kannel_smsbox.pid --exec
$BOXPATH/$RB
    echo -n " bearerbox"
    $SSD --stop --quiet --pidfile $PIDFILES/kannel_bearerbox.pid --exec
$BOXPATH/$RB
    echo "  [OKAY]"
    ;;

  reload)
    # We don't have support for this yet.
    exit 1
    ;;

  restart|force-reload)
    $0 stop
    sleep 1
    $0 start
    ;;

  *)
    echo "Usage: $0 {start|stop|reload|restart|force-reload}"
    exit 1

esac

exit 0

>>>>>>>>>>> end kannel-init.d





----- Original Message -----
From: "Miroslav Vrankic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 15, 2002 12:24 PM
Subject: I don't want to run bearerbox as root


> We are using Kannel 0.10.3.
> For security reasons we are trying to run all kannel boxes as nobody (or
any
> non root, for example "kannel").
> There is no problem with sms and wap boxes. They are runnning as  user
> "kannel".
> When we tried to run bearerbox as user "kannel" other boxes could not
> connect to it.
> The "connection refused 111" error is obtained.
> Of course, we have started bearerbox before other boxes.
> You can see the used startup script at the and of the message.
> Thanks!
> Miroslav
>
>
>
> #! /bin/sh
> # kannel        Startup script for the Kannel WAP and SMS Gateway
> #
> #               Written by Andres Seco <[EMAIL PROTECTED]> using
> #               the skeleton provided by Miquel van Smoorenburg and
> #               Ian Murdock in Debian GNU/Linux 2.1 (slink)
> #               modified with paragraphs from diald startup script
> #               in Debian GNU/Linux 2.2 (potato)
> #               Modified from init script from alamin-server.
> #
> # Version:      @(#)kannel  1.0  19-Aug-2001  [EMAIL PROTECTED]
> #
>
> PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
> RUNBOX=/usr/local/bin/run_kannel_box-0.10.3
> DAEMONA=/usr/local/bin/bearerbox-0.10.3
> DAEMONB=/usr/local/bin/wapbox-0.10.3
> DAEMONC=/usr/local/bin/smsbox-0.10.3
> NAMEA=bearerbox
> NAMEB=wapbox
> NAMEC=smsbox
> PIDA=kannel/bearerbox
> PIDB=kannel/wapbox
> PIDC=kannel/smsbox
> DESC="Kannel WAP and SMS Gateway"
> CONF=/usr/local/bin/m20.conf
> USER=kannel
>
> test -f $DAEMONA || exit 0
> test -f $DAEMONB || exit 0
> test -f $DAEMONC || exit 0
> test -f $CONF || exit 0
>
> set -e
>
> case "$1" in
>   start)
>         echo -n "Starting $DESC:"
>         start-stop-daemon --start --quiet \
>             --pidfile /var/run/$PIDA.pid \
>             --exec $RUNBOX \
>             -- \
>             --pidfile /var/run/$PIDA.pid \
>             $DAEMONA $CONF
>         echo -n " $NAMEA"
>         sleep 10
>         start-stop-daemon --start --quiet \
>             --chuid $USER \
>             --pidfile /var/run/$PIDB.pid \
>             --exec $RUNBOX \
>             -- \
>             --pidfile /var/run/$PIDB.pid \
>             $DAEMONB $CONF
>         echo -n " $NAMEB"
>         sleep 5
>         start-stop-daemon --start --quiet \
>             --chuid $USER \
>             --pidfile /var/run/$PIDC.pid \
>             --exec $RUNBOX \
>             -- \
>             --pidfile /var/run/$PIDC.pid \
>             $DAEMONC $CONF
>         echo -n " $NAMEC"
>         echo "."
>         ;;
>   stop)
>         echo -n "Stopping $DESC:"
>         start-stop-daemon --stop --quiet --oknodo \
>                 --pidfile /var/run/$PIDC.pid \
>                 --exec $RUNBOX
>         echo -n " $NAMEC"
>         start-stop-daemon --stop --quiet --oknodo \
>                 --pidfile /var/run/$PIDB.pid \
>                 --exec $RUNBOX
>         echo -n " $NAMEB"
>         start-stop-daemon --stop --quiet --oknodo \
>                 --pidfile /var/run/$PIDA.pid \
>                 --exec $RUNBOX
>         echo -n " $NAMEA"
>         echo "."
>         ;;
>   reload|force-reload|restart)
>         $0 stop
>         sleep 2
>         $0 start
>         ;;
>   *)
>         N=/etc/init.d/$NAME
>         echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
>         exit 1
>         ;;
> esac
>
> exit 0
>
>
>
>
>

Reply via email to