Bug 220539

Summary: RFE: run ddclient as a dedicated user
Product: [Fedora] Fedora Reporter: Ville Skyttä <ville.skytta>
Component: ddclientAssignee: Josh Boyer <jwboyer>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: thomas
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 3.7.1-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-03-03 08:39:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
specfile changes none

Description Ville Skyttä 2006-12-21 23:03:59 UTC 
ddclient currently runs as root.  I suppose it could be fairly easily be made to
run as a dedicated less privileged user?  See eg. the ez-ipupdate package for
examples.
Comment 1 Josh Boyer 2006-12-26 19:48:30 UTC 
(In reply to comment #0)
> ddclient currently runs as root.  I suppose it could be fairly easily be made to
> run as a dedicated less privileged user?  See eg. the ez-ipupdate package for
> examples.

Good idea.  I'll take a look at this shortly after I get back from vacation
Comment 2 Thomas Vander Stichele 2006-12-27 15:52:09 UTC 
Josh, if you feel like taking over this package, let me know
Comment 3 Josh Boyer 2007-01-06 21:30:44 UTC 
(In reply to comment #2)
> Josh, if you feel like taking over this package, let me know


Erm... I thought we had already agreed on that?  I took it right before FC-6
came out.  I'll forward you the email I have.
Comment 4 Josh Boyer 2007-01-17 02:44:34 UTC 
Created attachment 145768 [details]
specfile changes

Ok, I'm obviously missing something here.  I've created the dedicated ddclient
user, but I'm missing how to actually start the program as that user.  Help?
Comment 5 Ville Skyttä 2007-01-17 21:15:53 UTC 
Try "daemon --user ddclient $exec ..." in the init script.

By the way, it'll probably be necessary to do something about the PID file too
(eg. move to /var/run/ddclient/ddclient.pid and use "daemon --pidfile ..." in
the init script) - currently it's specified as pid=/var/run/ddclient.pid in the
config file but /var/run is not writable for non-root users.
Comment 6 Ville Skyttä 2007-03-03 08:39:16 UTC 
Done in upcoming 3.7.1-1