Drop daemon privilegies

Brilliantov Kirill Vladimirovich brilliantov at byterg.ru
Mon Dec 5 05:05:04 UTC 2011


Denys Vlasenko wrote on 12/05/2011 07:35 AM:
> On Monday 28 November 2011 06:52, Brilliantov Kirill Vladimirovich wrote:
>> Hello!
>> I run syslogd with system and found this:
>> Jan  1 00:00:06 arm user.err monitor: Run drop_root, user monitor, errno
>> 0 (Success)
>> Jan  1 00:00:06 arm daemon.crit mini_httpd[296]: socket :: - Address
>> family not supported by protocol
>> Jan  1 00:00:06 arm user.err monitor: After getpwnam, uid = 100, gid =
>> 100, errno 0 (Success)
>> Jan  1 00:00:06 arm user.err monitor: After setGID, r = 0, errno 0 (Success)
>> Jan  1 00:00:06 arm user.err monitor: After setUID, r = 0, errno 0 (Success)
>
> setgid/setuid worked.
>
>> Jan  1 00:00:06 arm user.err monitor: Can't run in daemon mode, errno 13
>> (Permission denied)
>
> Where this message comes from? Can you show C code which generates it
> (and immediately preceding code too)?
> What operation was attempted which ended with EPERM?
>
>
>> But if I run daemon after manual all ok and in /var/log/messages I see this:
>> Jan  1 00:02:46 arm user.err monitor: Run drop_root, user monitor, errno
>> 0 (Success)
>> Jan  1 00:02:46 arm user.err monitor: After getpwnam, uid = 100, gid =
>> 100, errno 0 (Success)
>> Jan  1 00:02:46 arm user.err monitor: After setGID, r = 0, errno 0 (Success)
>> Jan  1 00:02:46 arm user.err monitor: After setUID, r = 0, errno 0 (Success)
>> Jan  1 00:02:46 arm user.info monitor: daemon started, pid-file
>> /var/run/monitd.pid, PID 324
>> Jan  1 00:02:46 arm user.info monitor: Ready to send message
>>
>>
>
>


Thank you for your reply, Denis!
I solve this problem - set drop root privilegies after switch to daemon 
mode. Earlier I run it before switch to daemon mode.

-- 
Best regards,
Brilliantov Kirill Vladimirovich



More information about the busybox mailing list