Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 134793 - [glibc] nscd should run as nonpriveledged user
Summary: [glibc] nscd should run as nonpriveledged user
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Toolchain Maintainers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-05-29 09:00 UTC by Mark Renouf
Modified: 2009-05-09 20:37 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Renouf 2006-05-29 09:00:45 UTC 
With the default nscd.conf, nscd runs at root. As far as I know, this is not required. I've checked other distros and nscd is usually configured to run under it's own non-priveledged account.

The config option to change this is:

/etc/nscd.conf:
server-user <user>

Redhat has:

# id nscd
uid=28(nscd) gid=28(nscd) groups=28(nscd)

/etc/passwd:
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin

In addition, if persistent caches are enabled, the default file location is /var/db/nscd, which should be created on startup if it doesn't exist (/etc/init.d/nscd):

  [ -d /var/db/nscd ] || mkdir /var/db/nscd
Comment 1 Doug Goldstein (RETIRED) gentoo-dev 2006-06-15 09:06:16 UTC 
Also.. glibc-2.3.6-r2 does not create /var/run/nscd, which results in...


stat: cannot stat `/var/run/nscd': No such file or directory

when trying to use the initscript.
Comment 2 Mark Loeser (RETIRED) gentoo-dev 2009-05-09 20:37:30 UTC 
It seems this hasn't bothered anyone else since there has been absolutely no movement on this bug, and I"m not going to just let it sit here to rot.  (that gives people the impression it might be fixed, which it doesn't look like it will)