A simple conceptual question, really, but I'm unable to resolve it by looking at the archives.

I've set up tcpserver driving oidentd, like this:

    tcpserver -R 0 113 /usr/local/sbin/oidentd -i -u 99 -g 9 &

This runs tcpserver as root, and then on connect calls oidentd, which switches to UID99/GID9 (nobody/kmem). The connections look good and the users on my system who are addicted to IRC are happy.

However, just on the paranoid side of things, I'd prefer if I could get tcpserver to run as nobody, like this or this:

    tcpserver -R -u99 -g9 0 113 /usr/local/sbin/oidentd -i &
    tcpserver -R -u99 -g9 0 113 /usr/local/sbin/oidentd -i -u 99 -g 9 &

In theory I guess this should be possible; qmail-d runs this way. But what happens is the TCP connection closes immediately, like this:

    wndrgrl:/etc/rc.d# telnet localhost 113
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    Connection closed by foreign host.

Is this an oidentd issue, a problem with the hand-off from tcpserver to oidentd, or is it actually supposed to run the first way and I'm just kissing up the wrong tree?

Thanks in advance.

ag
