Re: Invoking runsvctrl as non-root

supervision - discussion about system services, daemon supervision, init, runlevel management, and tools such as s6 and runit
 help / color / mirror / Atom feed

From: Ian Stokes-Rees <i.stokes-rees1@physics.ox.ac.uk>
Cc: supervision@list.skarnet.org
Subject: Re: Invoking runsvctrl as non-root
Date: Wed, 01 Dec 2004 09:03:17 +0000	[thread overview]
Message-ID: <41AD88D5.8040504@physics.ox.ac.uk> (raw)
In-Reply-To: <pan.2004.12.01.03.03.08.397958@spamcop.net>

Hi,

Charles Duffy wrote:
>>I'm running into a permissions issue trying to invoke runsvctrl as a
>>non-root user
> 
> As the message implies, you need to give some permissions to the
> user you want to allow runsvctrl and runsvstat -- most particularly, write
> access to the socket ./supervise/control and read access to ./supervise/ok
> and ./supervise/status.

Put another way, I have seen this happen when I start a service as root, 
which then creates directories, files and sockets which *only* root can 
read and write, and then I want to control that same service with a 
non-root user.  I think this actually goes for *any* change between the 
first user to invoke runit commands on a service and subsequent users.

The trick is to manually change the access permissions, so other users 
can access the service.  Make sure they are the users you want to be 
able to access the service!  I am pretty sure those permissions will 
stick and runit won't overwrite them, unless the 
directories/files/sockets are deleted and re-created.  UMASK might come 
into play here, but I'm not sure.

HTH,

Ian.
-- 
Ian Stokes-Rees              i.stokes-rees@physics.ox.ac.uk
Particle Physics, Oxford     http://grid.physics.ox.ac.uk/~stokes

next prev parent reply	other threads:[~2004-12-01  9:03 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-12-01  1:06 Anthony Baker
2004-12-01  3:03 ` Charles Duffy
2004-12-01  9:03   ` Ian Stokes-Rees [this message]
2004-12-01 16:10     ` Anthony Baker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=41AD88D5.8040504@physics.ox.ac.uk \
    --to=i.stokes-rees1@physics.ox.ac.uk \
    --cc=supervision@list.skarnet.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).