[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
I would caution against running apps from root. Generally it is unsafe to do anything from root that doesn't absolutly have to run from root. It is just too easy to mess up! (speaking from personal pain). It does depend on what you want to do, and one-off setups are (I reluctantly s'pose) OK to use su(1), but running apps should really be done under the correct username, or group. If you havn't looked at user groups you might find they help. Regular background jobs can be scheduled by the user with cron, and ad-hoc using at(1). Clive -----Original Message----- From: Simon Waters [mailto:Simon@xxxxxxxxxxxxxxxxxxxx] Sent: 22 April 2003 15:05 To: list@xxxxxxxxxxxx Subject: Re: [LUG] ROOT:Running apps as another user -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Keith Abraham wrote: > This might be a real dummy question but how do I, as > root, run and configure an application for a non-root > user? > This appears to me to be a normal sys admin task but > I can't find anything about how to do it. Depends very much what the application is and how you are customising it. The X window way is to have the central defaults in a file under /etc/X11 or similar, and you edit these files to set the default for everyone. See /etc/X11/app-default. The user can customise it by having local modified copies of these files under $HOME, or other X resource schemes which are more like registries (man X, man xrdb etc). Other desktops built on X have usually followed this model to varying extents. To run an application as a user you can use "su" hence the ubiquitous "su - oracle -c dbstart" run as user oracle with environment variable (hence "-") the command "dbstart". Usually this is in the start section of /etc/init.d/oracle or similar. More generally "su - username" will typically give you a shell as another user. Sometimes it is handy to acquire another users account, typically root can edit the "shadow" or "passwd" files in "/etc" and remove that users password temporarily. Thus allowing him to log in as that user via GUI login's and the like. This is getting harder as authentication schemes get more elaborate. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+pUv2GFXfHI9FVgYRAiveAJ9RkKzVj8mBhCwd8KJrg8HQNb9eWACfURHb H4Bw6EZncAP+v6r5fliE+w8= =lwlJ -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________ ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________ -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.