On Wed, Jun 26, 2019 at 05:29:14PM +0200, Joel Carnat wrote: > Hello, > > I've just installed sysutils/monit on some new server and noticed there > were no dedicated user created to run the daemon. > > I already run it as non-root on serveral servers. So I know it works. > Note that there are cases (service restart for example) that require > configuring doas rules. But once done, everything runs ok. > > If you think that's ok, here's a patch to create a dedicated user. > Inspired from net/openvpn port. > > Regards, > Jo
> --- infrastructure/db/user.list.orig Wed Jun 26 17:04:43 2019 > +++ infrastructure/db/user.list Wed Jun 26 17:06:41 2019 > @@ -348,2 +348,3 @@ > 837 _thingsd _thingsd net/thingsd > 838 _i2pd _i2pd net/i2pd > +839 _monit _monit sysutils/monit > > --- sysutils/monit/pkg/PLIST.orig Wed May 1 21:21:57 2019 > +++ sysutils/monit/pkg/PLIST Wed Jun 26 17:14:10 2019 > @@ -1,3 +1,5 @@ > @comment $OpenBSD: PLIST,v 1.11 2019/05/01 19:21:57 landry Exp $ > +@newgroup _monit:839 > +@newuser _monit:839:_monit:daemon:Monit Daemon:/var/monit:/sbin/nologin Can't we use /nonexistent for HOME like most other daemons do? > @rcscript ${RCDIR}/monit > @bin bin/monit -- Antoine