[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: How do you...

To: <tech@openbsd.org>
Subject: RE: How do you...
From: <wilton@daedilus.com>
Date: Wed, 3 Jan 2001 11:40:43 -0800
Cc: "Todd C. Miller" <Todd.Miller@courtesan.com>
Importance: Normal

I'm trying to run a server as another user so that it doesn't run as root.
I don't want to offer a shell on the account for fear that a security bug
may be found.

I've read the man page for su and I've tried both -c and -m but neither one
will work.  I use 'su -m jabber jabberd/jabberd' and it tells me that it
can't execute the binary file, but if I place the -m after jabber then it
tells me it can't login and gives the nologin message.  According to the man
page I should just be able to 'su jabber -c jabberd/jabberd' but no luck.

Any help would be appreciated.

-----Original Message-----
From: owner-tech@openbsd.org [mailto:owner-tech@openbsd.org]On Behalf Of
Todd C. Miller
Sent: Wednesday, January 03, 2001 7:45 AM
To: BetWil @ Viser
Cc: tech@openbsd.org
Subject: Re: How do you...


In message <LGECLINAGEMDNMDFCKKBAEHKCBAA.betwil@viser.net>
	so spake "BetWil @ Viser" (betwil):

> I've been trying to run a command as another user that has /sbin/nologin
as
> the shell all without success.  I'm wondering if this has to do with the
new
> class system that's been implemented or if you can't run commands as
another
> user when they don't have a shell.

I'm not exactly sure what you mean by this.  You cannot 'su' to a
user with /sbin/nologin as their shell since that would just run
/sbin/nologin (which prints an error and exits).

 - todd

Follow-Ups:
- Re: How do you...
  - From: Vincent Bernat <bernat@free.fr>

References:
- Re: How do you...
  - From: "Todd C. Miller" <Todd.Miller@courtesan.com>

Prev by Date: About fxtv to OpenBSD 2.8
Next by Date: Re: How do you...
Prev by thread: Re: How do you...
Next by thread: Re: How do you...
Index(es):
- Date
- Thread