Hi Jesse,
Not to be annoying :-), but any update on internal talks about this?
Thanks!
Cathy
- Original Message -
From: Jesse Noller [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, October 10, 2002 1:14 PM
Subject: RE: 2nd question - Run MX as nobody? - Solution
Cathy
Inside the script, for Unixes, we perform an su -u $user -c
Isn't that 'install and run as a given user', which I thought you said you
didn't want to do ?
No. That's install as root, start as root, and as root when Su'ing to a given user
with less than root privs. This means that when
- Run MX as nobody?
All,
I was able to configure ColdFusion MX to run as the nobody user on Sun
Solaris 8.
But in order to run it I had to provide the nobody user with a shell.
In my case, I used the Korn Shell.
When I set the shell for the nobody user back to: /usr/sbin/noshell
integrates it without contradiction into the
sum of his knowledge.
- Ayn Rand
-Original Message-
From: Troy Simpson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 10, 2002 10:58 AM
To: CF-Talk
Subject: Re: 2nd question - Run MX as nobody?
Jesse,
Thanks for the response.
I
I run this idea by our Sun Administrator.
Should we make the cfmx user a common user with a home directory, etc.?
Or is this considered common knowledge for a Sun Administrator?
I would think that the admin should know how to set up a limited permissions
user for running a deamon with.
That
Make the cfmx user with privs to access the webserver document
directory, otherwise, it is a normal user account.
!
Why would you ever need to login as the user CF runs as ?
Why does it need to be a member of the groups most users are part of
(usually 'users' by default) ?
Tom Chiverton
You
.
- Ayn Rand
-Original Message-
From: Thomas Chiverton [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 10, 2002 11:24 AM
To: CF-Talk
Subject: RE: 2nd question - Run MX as nobody?
Make the cfmx user with privs to access the webserver document
directory, otherwise, it is a normal
You don't need to login as the cfuser, however, the CFuser needs
a valid shell
It does ? What for ?
as well as typical privs associated with it.
I guess it depends what you mean by typical :-)
I wouldn't want my CFMX user to have read access to everything below /home
(some UNIXs set
No, that's not a viable solution. I cannot give 'nobody' a shell. That defeats the
purpose of nobody.
I posted in the forum (hey Troy, that was probably me!) and am not receiving a
response and have also submitted a bug report. I have narrowed it down to this:
CFMX will run as nobody if no
Noller
[EMAIL PROTECTED]
Macromedia Server Development
-Original Message-
From: Cathy Taylor [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 10, 2002 11:48 AM
To: CF-Talk
Subject: RE: 2nd question - Run MX as nobody? - Solution
No, that's not a viable solution. I cannot give 'nobody
No concept man forms is valid unless he
integrates it without contradiction into the
sum of his knowledge.
- Ayn Rand
-Original Message-
From: Thomas Chiverton [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 10, 2002 11:50 AM
To: CF-Talk
Subject: RE: 2nd question - Run MX as nobody
more to do with how it is doing the suid function.
Cathy Taylor
- Original Message -
From: Jesse Noller [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, October 10, 2002 11:58 AM
Subject: RE: 2nd question - Run MX as nobody?
Look in the coldfusion start script
issue.
Cathy Taylor
- Original Message -
From: Jesse Noller [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, October 10, 2002 12:00 PM
Subject: RE: 2nd question - Run MX as nobody? - Solution
Cathy-
Do *not* run coldfusion as the nobody user then. CFMX requires
No concept man forms is valid unless he
integrates it without contradiction into the
sum of his knowledge.
- Ayn Rand
-Original Message-
From: Thomas Chiverton [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 10, 2002 11:24 AM
To: CF-Talk
Subject: RE: 2nd question - Run MX
this
has more to do with how it is doing the suid function.
Cathy Taylor
- Original Message -
From: Jesse Noller [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, October 10, 2002 11:58 AM
Subject: RE: 2nd question - Run MX as nobody?
Look in the coldfusion start script
.
-Jesse Noller
Macromedia
-Original Message-
From: Cathy Taylor
To: CF-Talk
Sent: 10/10/2002 9:26 AM
Subject: Re: 2nd question - Run MX as nobody? - Solution
This is not an option. I don't know how many times I have to say that.
We have been using ColdFusion for years and have systems in place
See other assorted emails. It's because solaris su does not allow on the fly shell
definition for command execution
-Original Message-
From: Troy Simpson
To: CF-Talk
Sent: 10/10/2002 9:42 AM
Subject: Re: 2nd question - Run MX as nobody?
Jesse,
Why does the CFMX deamon require a user
not run on CF in addition to the CF ones.
Cathy
- Original Message -
From: Jesse Noller [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, October 10, 2002 1:14 PM
Subject: RE: 2nd question - Run MX as nobody? - Solution
Cathy-
I do recommend trying the noshell option
All,
I was able to configure ColdFusion MX to run as the nobody user on Sun Solaris 8.
But in order to run it I had to provide the nobody user with a shell.
In my case, I used the Korn Shell.
When I set the shell for the nobody user back to: /usr/sbin/noshell
I get the following:
#
knowledge.
- Ayn Rand
-Original Message-
From: Troy Simpson [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 09, 2002 4:16 PM
To: CF-Talk
Subject: Re: 2nd question - Run MX as nobody?
All,
I was able to configure ColdFusion MX to run as the nobody user on Sun
Solaris 8
All,
I'm having the same exact problem. I've also noticed a very descriptive posting in
Macromedia's Forums related to this and there is also no response to that posting
either. We also can not move forward until this has been resolved.
Troy
Cathy Taylor wrote:
I'm trying to evaluate our
Cathy Taylor wrote:
I'm trying to evaluate our CF MX upgrade on Solaris before I turn our
masses loose on it. I can't run it as root and our security
regulations forbid me from creating a new user to run it as (that
wouldn't work anyway since our web server runs as nobody). I've read
the
On Tuesday, Oct 8, 2002, at 13:47 US/Pacific, Sean A Corfield wrote:
scorfiel 23763 23758 0 13:40:03 pts/20:00 fgrep cf
nobody 27009 27007 0 Sep 04 ? 1435:01
/data/www/appserver/neo/bin/cfusion -start default
nobody 27007 1 0 Sep 04 ?0:00
On Tuesday, Oct 8, 2002, at 13:47 US/Pacific, Sean A Corfield wrote:
As far as I know, our guys just followed the installation instructions
but I'll ask them if there were any issues around the 'nobody' user.
I asked the engineers who did the installs: they just followed the
instructions.
-running use like Linux.
Therefore, simply create a user on the system with a valid shell, and set CF to run as
that, and you'll be fine.
Jesse
-Original Message-
From: Sean A Corfield
To: CF-Talk
Sent: 10/8/2002 1:47 PM
Subject: Re: 2nd question - Run MX as nobody?
Cathy Taylor wrote
I'm trying to evaluate our CF MX upgrade on Solaris before I turn our masses loose on
it. I can't run it as root and our security regulations forbid me from creating a new
user to run it as (that wouldn't work anyway since our web server runs as nobody).
I've read the docs and modified the
26 matches
Mail list logo
