View previous topic :: View next topic |
Author |
Message |
nihilo Apprentice
Joined: 05 Nov 2002 Posts: 168 Location: berkeley, ca, usa
|
Posted: Mon Oct 04, 2004 10:52 pm Post subject: starting a service as non-root user? |
|
|
I've just installed tomcat using portage, and portage seemed to set things up nicely (making $TOMCAT_HOME/log point to /var/log/tomcat5, etc). It also added a tomcat group, which I dutifully added my user account to, but when I try to start Tomcat, I get:
Code: | nihilo@nihilo ~ $ /etc/init.d/tomcat5 start
* ERROR: must be root to run init scripts
nihilo@nihilo ~ $ |
The permissions on the script seem correct:
Code: | -rwxr-x--- 1 root tomcat 642 Oct 3 21:15 /etc/init.d/tomcat5* |
I looked through the init chapter, but I don't see anything in there about running these as a non-root user. Is this possible? It seems like a senseless restriction, since the world permission on the init script can be set to non-execute for all non-root users by default, but still allowing it to be turned back on for group user (as above).
I don't want to do sudo, and basically just want to do what I could easily do if I were still using a tomcat I installed without portage (something like "tomcat {start|stop|restart}".
Any suggestions? |
|
Back to top |
|
|
darfsnuzal n00b
Joined: 07 Aug 2003 Posts: 36
|
Posted: Tue Oct 05, 2004 12:06 am Post subject: |
|
|
Add "--chuid <userid>" to the appropriate start-stop-daemon line in /etc/init.d/tomcat5 script. It would look something like this:
Code: |
start-stop-daemon --start --chuid tomcat ...
|
if your user was "tomcat". Then run the command normally as root.
Darf _________________ "Born to Compile" |
|
Back to top |
|
|
nihilo Apprentice
Joined: 05 Nov 2002 Posts: 168 Location: berkeley, ca, usa
|
Posted: Tue Oct 05, 2004 2:19 am Post subject: |
|
|
darfsnuzal wrote: | Add "--chuid <userid>" to the appropriate start-stop-daemon line in /etc/init.d/tomcat5 script. It would look something like this:
Code: |
start-stop-daemon --start --chuid tomcat ...
|
if your user was "tomcat". Then run the command normally as root.
Darf |
Thanks very much for the suggestion. This is useful information to know, but it doesn't accomplish what I would like to do. My apologies if I wasn't clear.
What I want to do is be able to invoke the command (/etc/init.d/tomcat5 start|stop|restart) as a non-root user--in particular, a user who is in the 'tomcat' group. I am looking for a way to not have to start it as root. In fact, your suggestion is already in the script, so good thinking, but it doesn't allow me to create the process from a non-root account, which is what I am trying to do (I hate sudo):
Code: | start-stop-daemon --start --quiet --chuid tomcat:tomcat --exec ${CATALINA_HOME}/bin/catalina.sh -- ${TOMCAT_START} |
Any other suggestions? It seems like a good thing to have root do as little as possible, so I would think there would be some way to have non-system services be started by the users who 'own' those services. I know that only root can change the uid of a process, so perhaps that is the reason. But in that case, I'll have to download the tarball and install without portage, then run it under my user's uid. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|