|Anonymous | Login | Signup for a new account||2017-11-25 06:56 CET|
|My View | View Issues | Change Log | Roadmap | My Account|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000038||easycwmp||[All Projects] Help||public||2015-02-24 11:52||2015-02-26 10:24|
|Status||resolved||Resolution||no change required|
|Platform||OS||Debian Jessie||OS Version|
|Summary||0000038: Can't run easycwmpd as non-root user|
|Description||Is it possible to run easycwmpd (the daemon) as a non-root user?|
I would like to do this for obvious security reasons.
I've tried getting ubusd running as the same non-root user (works fine), giving full permissions on the entire /opt/dev/easycwmp folder, adding execute rights for scripts in the dependencies, giving write access to /var/log/syslog etc etc, but easycwmpd resolutely refuses to run unless root user.
Nothing is written to any log file as far as I can see, so it's hard to diagnose further.
(easycwmp the script works fine - it's just the daemon that won't run).
|Steps To Reproduce||as above|
|Tags||No tags attached.|
Looking at the source, I note main() does a check of the UID and fails if not 0 (root). This is understandable because daemon needs capabilities e.g. to open socket.
Could it be imagined to do something similar to apache/nginx where the master process runs as root but the workers are non-root?
You can run as non root only if you have permission on your non-root user to use sockets.
And also you need permissions to create file under /var/run
|2015-02-24 11:52||tomdjpn||New Issue|
|2015-02-25 05:39||tomdjpn||Note Added: 0000128|
|2015-02-25 10:42||mohamed.kallel||Note Added: 0000130|
|2015-02-25 16:38||mohamed.kallel||Category||Bug => Help|
|2015-02-25 16:43||mohamed.kallel||Priority||high => normal|
|2015-02-25 16:43||mohamed.kallel||Severity||major => minor|
|2015-02-26 10:24||mohamed.kallel||Status||new => resolved|
|2015-02-26 10:24||mohamed.kallel||Resolution||open => no change required|
|2015-02-26 10:24||mohamed.kallel||Assigned To||=> mohamed.kallel|
|Copyright © 2000 - 2017 MantisBT Team|