Eugene Zhukov <jevgeni...@gmail.com> writes: >> 2) Does the service really need to run as root? >> > No, and this is even mentioned in upstream readme. It needs to create > a pid file though. Any hint/pointer on how to change the packaging to > not run it as root?
You probably need to create a new user in the packaging. Then modify the daemon to implement --user <username> option that drops the privileges after writing the pid file and reading the configuration file. Quick google finds http://search.cpan.org/~tlbdk/Privileges-Drop-1.03/lib/Privileges/Drop.pm which seems to be in debian as libprivileges-drop-perl. >> db_get dyfi/password >> sed -i "s/^Password.*/Password $RET/" /etc/dyfi-update.conf >> >> in debian/postinst let all local users to see the password if they type >> "ps axuf" at the right moment? > Probably, but do I need to care about that? The targeted audience of > the service is home or small office I assume. That of course depends on the situation indeed. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org