Bug 23711 - Wrong su declaration in several init.d scripts
Summary: Wrong su declaration in several init.d scripts
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High normal
Assignee: Martin Schlemmer (RETIRED)
Reported: 2003-06-29 11:07 UTC by tuXXer
Modified: 2003-07-28 02:11 UTC
Description tuXXer 2003-06-29 11:07:20 UTC
The following init.d scripts may be wrongly declared because of wrong su 
parameters: 
 
	- PostgreSQL 
	- Tomcat. 
 
An execution of a program as another user must be declared as follows: 
 
su -c COMMAND - USER 
 
The su execution lines of the above scripts read: 
 
su - $PGUSER -c "/usr/bin/pg_ctl stop -D '$PGDATA' -s -m fast" 
and 
su - ${CATALINA_USER} -c "/opt/tomcat/bin/catalina.sh ${TOMCAT_START}" 
 
As far as I know, with these lines the username was ignored and the program would 
be executed as root and not as a user without several privileges. 
 
IMHO, the lines must read as follows: 
 
su -c "/usr/bin/pg_ctl stop -D '$PGDATA' -s -m fast" - $PGUSER 
and 
su -c "/opt/tomcat/bin/catalina.sh ${TOMCAT_START}" - ${CATALINA_USER}
Comment 1 SpanKY gentoo-dev 2003-06-29 12:02:36 UTC
man page reads this: 
su [-] [username [args]] 
 
that means: 
su - $PGUSER -c "/usr/bin/pg_ctl stop -D '$PGDATA' -s -m fast" 
is correct 
 
I run programs like this: 
su proxy /home/proxy/start 
and it starts the program 'start' under the user 'proxy' 
Comment 2 tuXXer 2003-06-30 07:54:36 UTC
Well I've tried 

su - jetty /opt/jetty/bin/jetty.sh

and

su - jetty -c "/opt/jetty/bin/jetty.sh"

and the result was:

1. The environment variable of user jetty wasn't set
2. And the process was executed as root.

When I ran:

su -c "/opt/jetty/bin/jetty.sh" - jetty

all was fine.

The documentation of su says that su execution in combination with user login should be as follows:

su -c COMMAND - USER
Comment 3 tuXXer 2003-06-30 08:00:39 UTC
To the man page. The full man page says:

su [OPTION]... [-] [USER [ARG]...]

IMHO that means:

OPTION: options of su, that means -c and so on.
USER: username
ARG: other arguments 
Comment 4 tuXXer 2003-06-30 08:08:45 UTC
Well, 

O.K. on Solaris and AIX the man page of su says:

su [-] [username [args]] 

on Linux:

su [OPTION]... [-] [USER [ARG]...]

therefore

su - -c COMMAND USER  => may seem O.K. on Linux
and
su -c COMMAND - USER  => seems O.K. on Linux
and  
su - USER -c COMMAND => seems O.K. on Solaris

IMHO an adapted script for SOLARIS etc. and LINUX should solve the problem.
Comment 5 SpanKY gentoo-dev 2003-06-30 14:54:58 UTC
*shrug* I'll leave it to az to decide 
Comment 6 tuXXer 2003-07-04 16:55:53 UTC
Well, after several tests on different machines (x86) it seems that  
 
su - USER -c COMMAND 
 
is the right execution command. 
 
Here are my test commands and results: 
 
su - USER -c COMMAND => executed as USER 
su -c COMMAND - USER => executed as root 
su - COMMAND USER => error 
 
Info-Page: 
su [OPTION]... [USER [ARG]...] 
 
The program accepts the following options.  Also see *Note Common 
options::. 
 
`-c COMMAND' 
`--command=COMMAND' 
     Pass COMMAND, a single command line to run, to the shell with a 
     `-c' option instead of starting an interactive shell. 
 
`-' 
`-l' 
`--login' 
     Make the shell a login shell.  This means the following.  Unset all 
     environment variables except `TERM', `HOME', and `SHELL' (which 
     are set as described above), and `USER' and `LOGNAME' (which are 
     set, even for the super-user, as described above), and set `PATH' 
     to a compiled-in default value.  Change to USER's home directory. 
     Prepend `-' to the shell's name, intended to make it read its 
     login startup file(s). 
 
 
Well, it seems that the man and info pages aren't clear at that point. -c is a COMMAND, but 
could only be passed as ARG??? 
 
It is not clear if that is a GNU/su bug or a documentation fault... 
 
Sorry 
 
Comment 7 Martin Schlemmer (RETIRED) gentoo-dev 2003-07-17 12:06:40 UTC
This is my manpage:

--------------------------------------
NAME
       su - change user ID or become super-user

SYNOPSIS
       su [-] [username [args]]

DESCRIPTION
       su  is  used  to become another user during a login session. Invoked without a username, su defaults to becoming the super user. The
       optional argument - may be used to provide an environment similiar to what the user would expect had the user logged in directly.

---------------------------------

Meaning:

  su - <user> -c foobar

is the right way.  Note that su does not have a '-c' option.  Also,
the '[args]' is for the shell that will be invoked.

The problem, it seems, is that we use su from sys-apps/shadow, but
sys-apps/coreutils includes it in its info page ...

Something like:

-------------------------------
cd "${S}"
# Remove su.1 from the file lists in man/Makefile.*
for x in man/Makefile.*
do
    sed -i -e 's:su\.1 ::g' "${x}"
done
-------------------------------

in src_unpack() should do it, but I guess a patch
will be better.  Also, we may only want to touch Makefile.in.

Comment 8 Martin Schlemmer (RETIRED) gentoo-dev 2003-07-28 02:11:25 UTC
coreutils-5.0-r1 does not have the su info page anymore.
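
Added example, not part of the bug thread or of any Gentoo package: a small shell lint that checks su calls in init scripts against the sys-apps/shadow synopsis quoted in comment 7, flagging the option-first order that comment 6 reports as running as root. The function names su_form and audit_su are hypothetical, and it assumes each su call starts its own line and that only the documented "-" may precede the username.

```shell
#!/bin/sh
# Added example: lint su invocations against the synopsis from comment 7,
#   su [-] [username [args]]
# where the first word after the optional "-" is the username and the
# remaining words are handed to that user's shell.

# su_form LINE -> prints user-first | option-first | no-user | not-su
su_form() {
    # Split the line into words only; nothing is expanded or executed.
    set -f            # no glob expansion while splitting
    set -- $1
    set +f
    [ "${1:-}" = su ] || { echo not-su; return 0; }
    shift
    [ "${1:-}" = - ] && shift
    case "${1:-}" in
        '') echo no-user ;;        # bare "su" or "su -": target is root
        -*) echo option-first ;;   # e.g. su -c CMD - USER
        *)  echo user-first ;;     # e.g. su - USER -c CMD
    esac
}

# audit_su FILE... -> prints "file:line: [form] text" for each su call that
# is not in user-first form; returns 1 if any such call was found.
audit_su() {
    rc=0
    for f in "$@"; do
        n=0
        while IFS= read -r line || [ -n "$line" ]; do
            n=$((n + 1))
            form=$(su_form "$line")
            case $form in
                option-first|no-user)
                    echo "$f:$n: [$form] $line"
                    rc=1 ;;
            esac
        done < "$f"
    done
    return $rc
}

# Stand-alone use: sh su_lint.sh /etc/init.d/*
if [ "$#" -gt 0 ]; then audit_su "$@"; fi
```

A clean lint result only covers argument order; confirming the running service's owner with ps after start remains the direct check.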