From f525621c19e5d3fdb00cbfaebdf484aacaf23f75 Mon Sep 17 00:00:00 2001 From: Eric Bollengier Date: Wed, 6 Oct 2010 17:57:10 +0200 Subject: [PATCH] Use start-stop-daemon handler to run daemons as bacula:bacula When the program is started as root, and we call setuid/setgid, we can no longer call ptrace to get some backtrace. Using debian/ubuntu start-stop-daemon permits to run directly the director/sd as bacula:bacula. --- bacula/platforms/debian/bacula-dir.in | 14 +++++++------- bacula/platforms/debian/bacula-fd.in | 14 +++++++------- bacula/platforms/debian/bacula-sd.in | 14 +++++++------- bacula/platforms/ubuntu/bacula-dir.in | 14 +++++++------- bacula/platforms/ubuntu/bacula-fd.in | 14 +++++++------- bacula/platforms/ubuntu/bacula-sd.in | 14 +++++++------- 6 files changed, 42 insertions(+), 42 deletions(-) diff --git a/bacula/platforms/debian/bacula-dir.in b/bacula/platforms/debian/bacula-dir.in index 1ad675c963..5764f8d214 100644 --- a/bacula/platforms/debian/bacula-dir.in +++ b/bacula/platforms/debian/bacula-dir.in @@ -24,7 +24,7 @@ DESC="@BACULA@ Director" DAEMON=@sbindir@/${NAME} BUSER=@dir_user@ BGROUP=@dir_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@dir_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -38,22 +38,22 @@ fi PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; diff --git a/bacula/platforms/debian/bacula-fd.in b/bacula/platforms/debian/bacula-fd.in index 100e6a6817..8f81442337 100644 --- a/bacula/platforms/debian/bacula-fd.in +++ b/bacula/platforms/debian/bacula-fd.in @@ -24,7 +24,7 @@ DESC="@BACULA@ File Daemon" DAEMON=@sbindir@/${NAME} BUSER=@fd_user@ BGROUP=@fd_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@fd_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -38,22 +38,22 @@ fi PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; diff --git a/bacula/platforms/debian/bacula-sd.in b/bacula/platforms/debian/bacula-sd.in index 62aa4c4d2f..0f2ab9b5f6 100644 --- a/bacula/platforms/debian/bacula-sd.in +++ b/bacula/platforms/debian/bacula-sd.in @@ -24,7 +24,7 @@ DESC="@BACULA@ Storage Daemon" DAEMON=@sbindir@/${NAME} BUSER=@sd_user@ BGROUP=@sd_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@sd_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -38,22 +38,22 @@ fi PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; diff --git a/bacula/platforms/ubuntu/bacula-dir.in b/bacula/platforms/ubuntu/bacula-dir.in index d4bbc404c5..5c9ac5f40b 100644 --- a/bacula/platforms/ubuntu/bacula-dir.in +++ b/bacula/platforms/ubuntu/bacula-dir.in @@ -25,7 +25,7 @@ DESC="Bacula Director" DAEMON=@sbindir@/${NAME} BUSER=@dir_user@ BGROUP=@dir_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@dir_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -46,22 +46,22 @@ mkdir -p @piddir@ PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} ${USERGRP} RETVAL=$? echo "${NAME}" ;; diff --git a/bacula/platforms/ubuntu/bacula-fd.in b/bacula/platforms/ubuntu/bacula-fd.in index 17d3d04dbb..1f260c7a10 100644 --- a/bacula/platforms/ubuntu/bacula-fd.in +++ b/bacula/platforms/ubuntu/bacula-fd.in @@ -25,7 +25,7 @@ DESC="Bacula File Daemon" DAEMON=@sbindir@/${NAME} BUSER=@fd_user@ BGROUP=@fd_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@fd_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -46,22 +46,22 @@ mkdir -p @piddir@ PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; diff --git a/bacula/platforms/ubuntu/bacula-sd.in b/bacula/platforms/ubuntu/bacula-sd.in index e8c5e6c731..ff1de0a7b7 100644 --- a/bacula/platforms/ubuntu/bacula-sd.in +++ b/bacula/platforms/ubuntu/bacula-sd.in @@ -25,7 +25,7 @@ DESC="Bacula Storage Daemon" DAEMON=@sbindir@/${NAME} BUSER=@sd_user@ BGROUP=@sd_group@ -BOPTIONS="-c @sysconfdir@/${NAME}.conf" +USERGRP="-c @sysconfdir@/${NAME}.conf" BPORT=@sd_port@ PATH=/sbin:/bin:/usr/sbin:/usr/bin @@ -46,22 +46,22 @@ mkdir -p @piddir@ PIDFILE=@piddir@/${NAME}.${BPORT}.pid if [ "x${BUSER}" != "x" ]; then - BOPTIONS="${BOPTIONS} -u ${BUSER}" -fi -if [ "x${BGROUP}" != "x" ]; then - BOPTIONS="${BOPTIONS} -g ${BGROUP}" + USERGRP="--chuid ${BUSER}" + if [ "x${BGROUP}" != "x" ]; then + USERGRP="${BOPTIONS}:${BGROUP}" + fi fi case "$1" in start) echo -n "Starting ${DESC}: " - start-stop-daemon --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --start --quiet --pidfile ${PIDFILE} ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; stop) echo -n "Stopping ${DESC}: " - start-stop-daemon --oknodo --stop --quiet --exec ${DAEMON} -- ${BOPTIONS} + start-stop-daemon --oknodo --stop --quiet ${USERGRP} --exec ${DAEMON} RETVAL=$? echo "${NAME}" ;; -- 2.39.5