Damian Finol writes:
> Hello,
>
[SNIP]
>
> Now, it works perfectly, I just need to run this as the user 'informix'
>
> I tried doing it like the tutorial for apache2 says, to svccfg then set prop
> start/user=astring: informix but I keep getting that the property start
> doesn't exists.
>
> Can someone give me a hand with this please? I'll appreciate it :)
>
>
> Thank you
>
>
> This message posted from opensolaris.org
> _______________________________________________
> smf-discuss mailing list
> smf-discuss at opensolaris.org
The best way to run an exec method as a specific user is to add a
method_context element to your exec_method declarations in the manifest.
The method_context element allows you to tap into the entire range of
Solaris security mechanisms. Unfortunately, the best documentation that
I've been able to find is in the service bundle DTD at
/usr/share/lib/xml/dtd/service_bundle.dtd.1.
For your case, though, you could do something like this:
<exec_method
type='method'
name='start'
exec='/lib/svc/method/informix start'
timeout_seconds='60'>
<method_context>
<method_credential
user='informix'
group='nobody'/>
</method_context>
</exec_method>
If you wish, you can also set the working directory for the execution of
the informix command. For example here is how to set the working directory
to a fictitious /xxx/informix.
<exec_method
type='method'
name='start'
exec='/lib/svc/method/informix start'
timeout_seconds='60'>
<method_context working_directory='/xxx/informix'>
<method_credential
user='informix'
group='nobody'/>
</method_context>
</exec_method>
tom
