John Almberg wrote:
Now I just need to figure out how to start it on reboot, but that is something I've been meaning to learn, anyway, so I don't mind.

I hope you guys will bear with me just a little more... I have spent the day trying to figure out how to create an rc script for autossh. Very cool, and not as hard as I'd anticipated. It is attached below.

The script works perfectly *iff* I run it from the command line as a non-root user, like so:

/usr/local/etc/rc.d/autossh start

However, it does NOT work when executed by root. Instead, I get the following error message in /var/log/messages

messages:Oct 21 19:01:38 on autossh[89267]: ssh exited prematurely with status 255; autossh exiting

So (my understanding), autossh is starting, and tries to create the tunnel, but the tunnel creation fails with the unhelpful 255 error message.

But only when executed by root. That's the puzzling part.

I don't allow root logins on this server, but don't see how that could cause this problem....

I'm stumped. Any hints, much appreciated.

-- John


# PROVIDE: autossh
# KEYWORD: shutdown

. /etc/rc.subr


load_rc_config $name
eval "${rcvar}=\${${rcvar}:='NO'}"

command_args="-M 20000 -fNg -L 33006: [EMAIL PROTECTED]"

  ${command} ${command_args}
  echo "started autossh"

run_rc_command "$1"

Answering my own question (probably the best way)...

I solved this problem by figuring out how to execute the command inside the rc script as a non-root user. Like so:

  echo "${command} ${command_args}"
  su admin -c "${command} ${command_args}"
  echo "started autossh"

This works beautifully, so I almost hesitate to ask, but is there anything wrong with this approach?

Nothing, except you're re-inventing the wheel.  rc.subr already
has a mechanism for running commands as another user.  Instead
of defining a new start() function, simply add something like:

: ${autossh_user:='admin'}

towards the top of the script.  (This also means you can override
the setting by defining 'autossh_user="someoneelse"' in /etc/rc.conf
in the usual way)



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                 Flat 3
PGP:     Ramsgate
                                                 Kent, CT11 9PW

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to