Starting a program on boot as a non-root user

rayzorblayde · 2006-01-14 00:36:40

Well, the title explains my question for the most part. I'm trying to start a program when the computer boots as a non-root user, like apache uses the httpd user. i tried searching on multiple subjects, but have not found anything that works. could someone please help me out? thanks!

stonecrest · 2006-01-14 04:58:52

You could always use sudo to do it.

Cam · 2006-01-14 06:37:19

su rayzor -c ./programname

codergeek42 · 2006-01-14 07:02:46

rayzorblayde wrote:

Well, the title explains my question for the most part. I'm trying to start a program when the computer boots as a non-root user, like apache uses the httpd user. i tried searching on multiple subjects, but have not found anything that works. could someone please help me out? thanks!

You don't want to run Apache as httpd. It needs the root priveleges to bind to port 80 (normal user processes are restricted to ports at 1024 and higher). Don't worry though! Once it binds properly and is listening for incoming HTTP requests, it will drop all root priveleges.

If you really want to though:

$ man su

Hope that helps!

rayzorblayde · 2006-01-14 16:37:27

Well,

the program's start script is weird, and requires me to 'cd' to the directory and then run the `./program start`. i'm assuming the su with the -c flag could work on server bootup, but I want to get the command working manually first (ie. just using the su command from a shell before i try to put the command in something like rc.local or whatever).

edit: the -c flag wont' let me run more than one command, even with ';' between like you can in the shell.

i would have thought there would have been an easier way to start a program as another user on bootup...

Cerebral · 2006-01-14 17:11:20

su rayzor -c "command 1 && command 2 && command 3"

should work, unless you're expecting one of the commands in the chain to fail.

hiower4 · 2006-01-20 22:48:55

Note that using su to get right privileges doesn't automatically setup the environment, variables, paths etc.
The following way is the only which I have found to provide full functionality, i.e. the same behaviour as if I login.

/bin/su USER -l -c "/bin/bash --login -c COMMAND"

where command is whatever you want. I use it in /etc/inittab to start X automatically with, you can surely put it in rc.local
You can also try it out on the command line if you want to.

Snarkout · 2006-01-20 23:00:36

Write an init script? Seriously.

Arch · 2006-01-21 22:28:36

codergeek42 wrote:

rayzorblayde wrote:
Well, the title explains my question for the most part. I'm trying to start a program when the computer boots as a non-root user, like apache uses the httpd user. i tried searching on multiple subjects, but have not found anything that works. could someone please help me out? thanks!
You don't want to run Apache as httpd. It needs the root priveleges to bind to port 80 (normal user processes are restricted to ports at 1024 and higher). Don't worry though! Once it binds properly and is listening for incoming HTTP requests, it will drop all root priveleges.
If you really want to though:
$ man su
Hope that helps!

Running Apache under root can be dangerous. There was an instance on my webserver where I had a non-root account running Apache, yet some malicious internet user was able to have certain controls to the webserver (through some insecurities in Apache.) Had I have Apache run as root, he/she would have TOTAL access to my server.

codergeek42 · 2006-01-22 00:38:02

Arch wrote:

Running Apache under root can be dangerous. There was an instance on my webserver where I had a non-root account running Apache, yet some malicious internet user was able to have certain controls to the webserver (through some insecurities in Apache.) Had I have Apache run as root, he/she would have TOTAL access to my server.

It seems as though you didn't even read what I wrote.

codergeek42 wrote:

You don't want to run Apache as httpd. It needs the root priveleges to bind to port 80 (normal user processes are restricted to ports at 1024 and higher). Don't worry though! Once it binds properly and is listening for incoming HTTP requests, it will drop all root priveleges.

Arch · 2006-01-22 17:54:49

No, I read what you wrote.

I wasn't disagreeing with you or construing what you said was wrong. I was sharing my experience with something I had encountered (on a dedicated server that I'm renting) that was related to this subject. My main point was that security is very important and shouldn't be overlooked, especially running a busy webserver. And yes, I also agree with you on your previous statement; I also avoid running Apache under httpd. A normal not-so-obvious account is used to run Apache in my case. Hope that clarify things out.

pikass · 2006-01-22 20:20:16

But running apache with just another user means no security enhancement. To put it into a (hardened) chroot prison would do.

Arch Linux

#1 2006-01-14 00:36:40

Starting a program on boot as a non-root user

#2 2006-01-14 04:58:52

Re: Starting a program on boot as a non-root user

#3 2006-01-14 06:37:19

Re: Starting a program on boot as a non-root user

#4 2006-01-14 07:02:46

Re: Starting a program on boot as a non-root user

#5 2006-01-14 16:37:27

Re: Starting a program on boot as a non-root user

#6 2006-01-14 17:11:20

Re: Starting a program on boot as a non-root user

#7 2006-01-20 22:48:55

Re: Starting a program on boot as a non-root user

#8 2006-01-20 23:00:36

Re: Starting a program on boot as a non-root user

#9 2006-01-21 22:28:36

Re: Starting a program on boot as a non-root user

#10 2006-01-22 00:38:02

Re: Starting a program on boot as a non-root user

#11 2006-01-22 17:54:49

Re: Starting a program on boot as a non-root user

#12 2006-01-22 20:20:16

Re: Starting a program on boot as a non-root user

Board footer