[tac_plus] Re: Installing tac_plus as a different user other than root??
Alan McKinnon
alan.mckinnon at gmail.com
Wed Nov 25 06:43:30 UTC 2009
On Wednesday 25 November 2009 04:45:31 Andy Saykao wrote:
> Hi All,
>
> Is there a way to install the program as a different user other than root??
> I'm installing this on Ubuntu Server 8.10.
>
> For example I've created a user called tac-plus with uid and gid of 1001.
>
> /etc/passwd:
> tac-plus:x:1001:1001:TACACS+ User,,,:/home/tac-plus:/bin/bash
>
> /etc/group:
> tac-plus:x:1001:
>
> I then configured it with the userid and groupid:
>
> ./configure --prefix /tac-plus --with-acctfile=/var/log/tac_acc.log
> --with-logfile=/var/log/tac_plus.log --with-userid=1001 --with-groupid=1001
>
> But once the program was installed, the files and directories are all still
> own by root?
>
> root at tacacs-1:/tac-plus# ls -la
> total 24
> drwxr-xr-x 6 root root 4096 2009-11-25 12:14 .
> drwxr-xr-x 21 root root 4096 2009-11-25 12:14 ..
> drwxr-xr-x 2 root root 4096 2009-11-25 12:14 bin
> drwxr-xr-x 2 root root 4096 2009-11-25 12:14 include
> drwxr-xr-x 2 root root 4096 2009-11-25 12:14 lib
> drwxr-xr-x 4 root root 4096 2009-11-25 12:14 share
>
> Any ideas how to install it as a different user?
It is already correctly installed. The tac-plus user simply needs to read and
execute the files, not own them or write to them.
Check other daemons that drop privileges at runtime, those files are normally
owned by root as well as root is the only user that can write to system areas.
tac-plus just needs to be able to write it's pid file
--
alan dot mckinnon at gmail dot com
More information about the tac_plus
mailing list