You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by "Simone Piunno (JIRA)" <ji...@apache.org> on 2007/01/25 16:41:49 UTC
[jira] Created: (DAEMON-93) jsvc should be runnable as non root.
jsvc should be runnable as non root.
------------------------------------
Key: DAEMON-93
URL: https://issues.apache.org/jira/browse/DAEMON-93
Project: Commons Daemon
Issue Type: Improvement
Environment: Linux
Reporter: Simone Piunno
On Linux jsvc only works as root.
Despite the discussion on issue 24, loading the kernel capability module doens't help.
pioppo@roentgen ~ $ uname -a
Linux roentgen 2.6.19-gentoo-r4 #1 PREEMPT Sun Jan 14 13:01:55 CET 2007 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux
pioppo@roentgen ~ $ lsmod|grep capa
capability 4296 0
commoncap 5952 1 capability
in the errfile I get:
14/01/2007 00:42:58 31709 jsvc.exec error: syscall failed in set_caps
14/01/2007 00:42:58 31709 jsvc.exec error: set_caps(CAPS) failed
14/01/2007 00:42:58 31708 jsvc.exec error: Service exit with a return value of 4
I've been told documentation says:
"Jsvc is a daemon process so it should be started as root and the -user
parameter allows to downgrade to an unprivilegded user."
but I see no reason why jsvc or any other daemon process shouldn't be runnable as non root therefore I'm creating this issue as a request for improvement.
I'm also attaching
I'm attaching a patch.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org
[jira] Updated: (DAEMON-93) jsvc should be runnable as non root.
Posted by "Simone Piunno (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DAEMON-93?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Simone Piunno updated DAEMON-93:
--------------------------------
Attachment: 1.0.1-capabilities.patch
> jsvc should be runnable as non root.
> ------------------------------------
>
> Key: DAEMON-93
> URL: https://issues.apache.org/jira/browse/DAEMON-93
> Project: Commons Daemon
> Issue Type: Improvement
> Environment: Linux
> Reporter: Simone Piunno
> Attachments: 1.0.1-capabilities.patch
>
>
> On Linux jsvc only works as root.
> Despite the discussion on issue 24, loading the kernel capability module doens't help.
> pioppo@roentgen ~ $ uname -a
> Linux roentgen 2.6.19-gentoo-r4 #1 PREEMPT Sun Jan 14 13:01:55 CET 2007 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux
> pioppo@roentgen ~ $ lsmod|grep capa
> capability 4296 0
> commoncap 5952 1 capability
> in the errfile I get:
> 14/01/2007 00:42:58 31709 jsvc.exec error: syscall failed in set_caps
> 14/01/2007 00:42:58 31709 jsvc.exec error: set_caps(CAPS) failed
> 14/01/2007 00:42:58 31708 jsvc.exec error: Service exit with a return value of 4
> I've been told documentation says:
> "Jsvc is a daemon process so it should be started as root and the -user
> parameter allows to downgrade to an unprivilegded user."
> but I see no reason why jsvc or any other daemon process shouldn't be runnable as non root therefore I'm creating this issue as a request for improvement.
> I'm also attaching
> I'm attaching a patch.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org