On 21/11/14 04:12, Ximin Luo wrote:
> The log says
>
> [-] /usr/lib/python2.7/dist-packages/twisted/python/util.py:753:
> exceptions.UserWarning: tried to drop privileges and setuid 135 but uid is
> already 135; should we be root? Continuing.
>
> but this is just a warning; nothing bad has happened yet.
>
Ah, this is because caldavd.plist has UserName and GroupName entries to drop
privileges. We can get rid of these if we use `-u caldavd -g caldavd` to run
directly as non-root, and the log warning disappears.
I recommend this approach, simply because this means you configure the db with
a simple "calendarserver_bootstrap_database" without any config changes to
postgresql. In fact, you could even put this in calendarserver's postinst, and
uncomment the necessary part of caldavd.plist to enable peer authentication.
Then, calendarserver would work "out of the box", so users would avoid having
to follow the instructions in README.Debian and avoiding things like #746977.
Patch for caldavd.plist supplied.
X
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
--- caldavd.plist.dpkg-dist 2014-11-21 11:35:48.038420816 +0000
+++ caldavd.plist 2014-11-21 11:35:55.590420624 +0000
@@ -84,12 +85,10 @@
<string>/var/lib/caldavd</string>
<!-- Database connection -->
- <!--
<key>DBType</key>
<string>postgres</string>
<key>DSN</key>
<string>:caldav:caldavd:::</string>
- -->
<!-- Data root -->
<key>DataRoot</key>
@@ -494,12 +493,6 @@
Process management
-->
- <key>UserName</key>
- <string>caldavd</string>
-
- <key>GroupName</key>
- <string>caldavd</string>
-
<key>ProcessType</key>
<string>Combined</string>
