[Pkg-freevo-maint] r69 - packages/freevo/trunk/debian
mennucc1 at alioth.debian.org
mennucc1 at alioth.debian.org
Thu Jan 24 17:59:03 UTC 2008
Author: mennucc1
Date: 2008-01-24 17:59:03 +0000 (Thu, 24 Jan 2008)
New Revision: 69
Modified:
packages/freevo/trunk/debian/freevo.wrapper
Log:
Better logic in the wrapper ; if /usr/bin/freevo is run by root,
'freevo convert_config' is fine, since the config is owned by root
'freevo cache' is forcibly run as 'freevo' user
any other command line is run as root, but a warning is printed.
Modified: packages/freevo/trunk/debian/freevo.wrapper
===================================================================
--- packages/freevo/trunk/debian/freevo.wrapper 2008-01-24 17:25:16 UTC (rev 68)
+++ packages/freevo/trunk/debian/freevo.wrapper 2008-01-24 17:59:03 UTC (rev 69)
@@ -6,28 +6,40 @@
U=`id -u`
G=`id -g`
-if test "$G" = 0 -o $U = 0 ; then
- echo "It is advisable not to start freevo as root, due to security concerns." 1>&2
-fi
-
unset OS_LOGDIR FREEVO_LOGDIR OS_STATICDIR FREEVO_STATICDIR OS_CACHEDIR FREEVO_CACHEDIR FREEVO_SHARE FREEVO_CONTRIB FREEVO_SCRIPT FREEVO_CONFIG LD_PRELOAD SDL_VIDEODRIVER FREEVO_LOCALE FREEVO_PYTHON
test -r /etc/freevo/debconf.sh && . /etc/freevo/debconf.sh
test -r /etc/default/freevo && . /etc/default/freevo
+
+if test "$U" = 0 ; then
+ # there are cases when you should run as root, as for example
+ # freevo convert_config local_conf.py -w
+ if test "$1" = convert_config ; then
+ exec $DAEMON.real "$@"
+ fi
+ if test "$1" = cache ; then
+ echo "This process will be run as user 'freevo'."
+ exec su freevo -c "$DAEMON.real $@"
+ fi
+ echo "It is advisable not to start freevo as root, due to security concerns." 1>&2
+ echo "Please use the 'freevo' user to start freevo." 1>&2
+ exec $DAEMON.real "$@"
+fi
+
if test "$G" = "$FREEVO_GID" -o "$U" = "$FREEVO_UID" ; then
exec $DAEMON.real "$@"
fi
for i in `id -G` ; do
if test "$i" = "$FREEVO_GID" ; then
- #starting with principal group 'freevo'
+ echo "Switching process to principal group 'freevo'."
exec sg freevo -c "$DAEMON.real $@"
fi
done
-echo "You are not part of the group 'freevo' , this will limit your ability to access some resources" 1>&2
+echo "You are not part of the group 'freevo', you cannot exploit shared resources (such as the cache). Your data will be saved in ${HOME}/.freevo " 1>&2
export FREEVO_CACHEDIR=$HOME/.freevo/cache
More information about the Pkg-freevo-maint
mailing list