Am 09.02.19 um 23:26 schrieb Francesco Poli: > On Sat, 9 Feb 2019 22:31:14 +0100 Michael Biebl wrote: > >> Hi >> >> Am 09.02.19 um 10:39 schrieb Francesco Poli: >> >>> Could you please do me a favor? >>> I would like you to read bug [#916753] log and then tell me what you >>> think. Your insight might be useful to find a better solution. >> >> What kind of input do you need? > > I would like some insight especially on [message #30], regarding the > fact that runuser does something basically equivalent to what su does, > and thus seems to be unfit to irreversibly drop root privileges, and > regarding my search for a command that works like s6-setuidgid, but > runs the given command inside the user's login shell (with all the > environment that the user would get on a normal login).
Aren't those conflicting requirements? On the one hand you want a full login shell, which typically involves PAM. On the other hand you don't want PAM involved. > [message #30]: <https://bugs.debian.org/916753#30> > >> I guess I already mentioned the two alternatives (runuser/setpriv). > [...] > > Maybe setpriv is equivalent to s6-setuidgid. > If this is the case, it can be used as an alternative to s6-setuidgid. setpriv should do pretty much the same as s6-setuidgid, with the benefit of not requiring an exotic package being installed. > But I would like to have a command that runs a given command inside the > regular user's login environment, as I said above. > Do you know one such command? What exactly do you mean by "user's login environment"? -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
Description: OpenPGP digital signature