MobileRead Forums - View Single Post

TypeC · 01-05-2016, 12:57 PM

Sorry to continue this in a slightly off-topic manner, but it turns out it is relatively straightforward to run Upstart jobs as non-privileged users (even though it appears to be uncommon), even if you are using an older version lacking the setuid / setgid settings.

The script has an "exec" statement for the daemon executable: I just put "sudo -u <user>" between "exec" and the name of the executable and the process owner is now showing as "<user>". I don't know whether this has any downsides, but everything I can think of trying appears to be working correctly.

Hopefully this will help anyone else finding this thread in a similar position to me.

(Aside - I've tried three times to correct the original tutorial post - so fewer people *will* be in the same position, but my comments keep being rejected as spam.)

01-05-2016, 12:57 PM	#12
TypeC Junior Member Posts: 6 Karma: 10 Join Date: Jan 2016 Location: UK Device: Nook Glowlight	Sorry to continue this in a slightly off-topic manner, but it turns out it is relatively straightforward to run Upstart jobs as non-privileged users (even though it appears to be uncommon), even if you are using an older version lacking the setuid / setgid settings. The script has an "exec" statement for the daemon executable: I just put "sudo -u <user>" between "exec" and the name of the executable and the process owner is now showing as "<user>". I don't know whether this has any downsides, but everything I can think of trying appears to be working correctly. Hopefully this will help anyone else finding this thread in a similar position to me. (Aside - I've tried three times to correct the original tutorial post - so fewer people will be in the same position, but my comments keep being rejected as spam.)