[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Logs and Permissions for Daemons

Herbert Xu wrote:
> There is nothing wrong with creating a new user when the alternative is
> running as root.

Yes there is. We have a scant number of dynamically allocated low user ID's,
and your rwhod, telnetd, identd, etc users are eating them rapidly. Please
think ahead instead of blindly creating new users, and please notice we have
a single "daemon" user already made that is meant to be there so random
daemons can run as it, not root.

> Itai Zukerman <zukerman@math-hat.com> wrote: 
> > 
> > I have a daemon that does _not_ require root priviledges to work 
> > normally.  It does produce some log files, however.  Is there a 
> > standard technique for handling this situation (I mean starting the 
> > daemon in init.d as a non-priviledged user but still having permission 
> > to write to logs)?  The trick is, I would rather not create a new user 
> > or group just for this daemon.      

To answer the original question, Itai should run his daemon as user daemon
and group daemon and should make a subdirectory in /var/log/ that is owned
by daemon.daemon. Then it can write logs there.

-- 
see shy jo
Reply to: