From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/821 Path: news.gmane.org!not-for-mail From: "Charles M. Gerungan" Newsgroups: gmane.comp.sysutils.supervision.general Subject: Re: dnscache runs under daemontools, unable to bind (access denied) using runit Date: Fri, 20 May 2005 19:18:56 +0200 Message-ID: <2EF613DA-4D3C-434C-9E67-80CBBCA76E30@nednieuws.com> References: <41EB9410-E945-46D1-A17D-171BFC4750DF@nednieuws.com> <001f01c55d55$786c6460$6601a8c0@GHDESK> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 (Apple Message framework v730) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-Transfer-Encoding: 7bit X-Trace: sea.gmane.org 1116609483 19040 80.91.229.2 (20 May 2005 17:18:03 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Fri, 20 May 2005 17:18:03 +0000 (UTC) Original-X-From: supervision-return-1057-gcsg-supervision=m.gmane.org@list.skarnet.org Fri May 20 19:18:01 2005 Return-path: Original-Received: from antah.skarnet.org ([212.85.147.14]) by ciao.gmane.org with smtp (Exim 4.43) id 1DZB8G-0001k5-VU for gcsg-supervision@gmane.org; Fri, 20 May 2005 19:17:57 +0200 Original-Received: (qmail 18105 invoked by uid 76); 20 May 2005 17:19:22 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 18099 invoked from network); 20 May 2005 17:19:22 -0000 In-Reply-To: <001f01c55d55$786c6460$6601a8c0@GHDESK> X-Priority: 3 Original-To: supervision@list.skarnet.org X-Mailer: Apple Mail (2.730) Xref: news.gmane.org gmane.comp.sysutils.supervision.general:821 X-Report-Spam: http://spam.gmane.org/gmane.comp.sysutils.supervision.general:821 Op 20-mei-2005, om 18:03 heeft Gregg Howe het volgende geschreven: > The "-u" option in chpst changes dnscache to an unprivileged > user before it executes, so it isn't able to bind the UPD > socket. If you use "-U" instead, dnscache will be able to > complete this before it changes to Gdnscache. Oh, man, I think it's time to modify the manpage as -- at least to me -- what you said wasn't obvious: OPTIONS -u user[:group] setuidgid. Set uid and gid to the user's uid and gid. If user is followed by a colon and a group, set the gid to group's gid instead of user's gid. All supplementary groups are removed. -U user[:group] envuidgid. Set the environment variables $UID and $GID to the user's uid and gid. If user is followed by a colon and a group, set $GID to the group's gid instead of user's gid. So the difference is that -u drops privileges before the program is invoked and -U after? Thanks for your help. Next step: tinydns. -- Regards, Charles.