Hello,
I've just installed sysutils/monit on some new server and noticed there
were no dedicated user created to run the daemon.
I already run it as non-root on serveral servers. So I know it works.
Note that there are cases (service restart for example) that require
configuring doas rules. But once done, everything runs ok.
If you think that's ok, here's a patch to create a dedicated user.
Inspired from net/openvpn port.
Regards,
Jo
--- infrastructure/db/user.list.orig Wed Jun 26 17:04:43 2019
+++ infrastructure/db/user.list Wed Jun 26 17:06:41 2019
@@ -348,2 +348,3 @@
837 _thingsd _thingsd net/thingsd
838 _i2pd _i2pd net/i2pd
+839 _monit _monit sysutils/monit
--- sysutils/monit/pkg/PLIST.orig Wed May 1 21:21:57 2019
+++ sysutils/monit/pkg/PLIST Wed Jun 26 17:14:10 2019
@@ -1,3 +1,5 @@
@comment $OpenBSD: PLIST,v 1.11 2019/05/01 19:21:57 landry Exp $
+@newgroup _monit:839
+@newuser _monit:839:_monit:daemon:Monit Daemon:/var/monit:/sbin/nologin
@rcscript ${RCDIR}/monit
@bin bin/monit
