inn.conf: Support for `newsuser', `newsgrp' options (patch is, hopefully, included)

Julien ÉLIE julien at trigofacile.com
Fri Dec 21 14:55:09 UTC 2007


Hi Ivan,

>> It is a bit different in INN 2.5 since inndstart is no longer used:
>> backends/innbind is now starting everything and it will not change
>> users.  So perhaps get_news_uid_gid() should not be used there and
>> the code kept intact (?)
>
>> /* If we're running privileged (effective and real UIDs are different),
>>    convert NEWSUSER to a UID and exit if run by another user.  Don't do
>>    this if we're not running privileged to make installations that don't
>>    need privileged ports easier and to make testing easier. */
>> real_uid = getuid();
>> if (real_uid != geteuid()) {
>
> Looks like `ensure_news_user (0)' will fit there, like:
>
> ->     pwd = getpwnam(NEWSUSER);
> ->     if (pwd == NULL)
> ->         die("cannot get UID for %s", NEWSUSER);
> ->     if (real_uid != pwd->pw_uid)
> ->     if (real_uid != news_uid)
> ->         die("must be run by user %s (%lu), not %lu", NEWSUSER,
> ->             (unsigned long) pwd->pw_uid, (unsigned long) real_uid);
> +      ensure_news_user (0);
> > }
>
> Provided that get_news_uid_gid () (on top of which
> ensure_news_user () is implemented) is corrected as suggested
> above.

I have just tried ensure_news_user(0) but it does not work:

15:42 root at trigofacile /home/news/work/trunk# /etc/init.d/inn2 start
Starting news server: Starting innd.
Scheduled start of /home/news/bin/innwatch.
Scheduled start of cnfsstat.
zsh: exit 1     /etc/init.d/inn2 start


Dec 21 15:42:23 news innd: innbind returned no output, assuming failure
Dec 21 15:42:23 news innd: innbind failed for 0.0.0.0,119
Dec 21 15:42:23 news innd: SERVER cant listen on any sockets
Dec 21 15:42:23 news nnrpd[11843]: cant bind to any addresses


However, if I keep the previous code, everything seems to work
(with your whole patch).

My /etc/init.d/inn2 file does:

    su news -c /home/news/bin/rc.news
    su news -c '/home/news/bin/nnrpd -D -c /home/news/etc/readers-ssl.conf -p 563 -S'


Do you have any idea on that issue?

-- 
Julien ÉLIE

« -- Vous ne sortirez jamais d'ici étrangers ! Ce tombeau sera votre tombeau !
  -- Tout cela ne serait pas arrivé dans un menhir ! » (Astérix) 



More information about the inn-workers mailing list