[patch] changing uid of the server

Edward Rudd erudd at netfor.com
Thu Sep 20 16:30:52 UTC 2007


Michael Scherer wrote:
> Selon Jeremy Lawler <jeremylawler at gmail.com>:
> 
[snip]
> 
> But the main reason I had was the pidfile, in /var/run/. Of course, we could
> place it elsewhere, but this would be against FHS I guess. And lowering
> permission of /var/run is not a option, imho.

The way I got around that was by having my RPM create a djabberd
directory under /var/run w/ the djabberd ownership and putting the PID
there. Which is how a log of applications accomplish this task. (cups,
memcached, mysql, named, ldap, nut, avahi).  However I do see value in
having djabberd changed EUID on startup, so long as the patch is
thoroughly tested and verified for any security issues. As having a
security hole where it doesn't correctly *give up* permissions is quite
nasty.

> And keeping everything in one file is better than having part of the
> configuration in the initscript, and the rest in the configfile.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: erudd.vcf
Type: text/x-vcard
Size: 272 bytes
Desc: not available
Url : http://lists.danga.com/pipermail/djabberd/attachments/20070920/792cfb91/erudd.vcf


More information about the Djabberd mailing list