Professional Web Applications Themes

su command problem - FreeBSD

To whom it may concern: I am running into an issue using rc.conf to run applications at startup. Specifically, nagios, and mysql. When the system boots, it goes to a command prompt at the stage of the boot process when those applications would be run and then stops. If I exit out of the prompt, booting continues normally. I believe I have traced the problem to the su command which is used in the rc. In attempting to run the mysql w/ mysql_enable="YES" in the rc.conf, it su's to the mysql account and is supposed to run a command and ...

  1. #1

    Default su command problem

    To whom it may concern:

    I am running into an issue using rc.conf to run
    applications at startup. Specifically, nagios, and
    mysql. When the system boots, it goes to a command
    prompt at the stage of the boot process when those
    applications would be run and then stops. If I exit
    out of the prompt, booting continues normally.

    I believe I have traced the problem to the su command
    which is used in the rc. In attempting to run the
    mysql w/ mysql_enable="YES" in the rc.conf, it su's to
    the mysql account and is supposed to run a command and
    exit. It su's to mysql OK, but never runs the command
    and exits. I have attempted this manually and
    received the same results.

    This system is running FreeBSD 5.3. I have another
    system which uses FreeBSD 5.2.1 and doesn't have this
    problem. I'm not sure if this is a security fix that
    has been implemented in 5.3 or if the issue lies
    elsewhere.

    I have been able to implement a workaround to make
    them work by changing their startup scripts to not use
    su, but would like to resolve the issue.

    I have check the problem reports on the FreeBSD
    website and don't see anything that appears to be
    related. I have also google'd this and found nothing.
    I also didn't find anything in the manual. Any help
    would be greatly appreciated. Thanks in advance.

    __________________________________________________
    Do You Yahoo!?
    Tired of spam? Yahoo! Mail has the best spam protection around
    http://mail.
    John Guest

  2. #2

    Default Re: su command problem



    hmmm. (going under the assumption that you installed from ports 4.1.x
    ?) There should be a startup script in /usr/local/etc/rc.d that
    launches mysql. Using the new style, it does check rc.conf to see if
    it should start, mode, etc.

    As far as the 'su' bit, the script itself doesn't do this. The mysql
    daemon has a 'user' switch that is used to start mysqld as a user
    other then root.

    Do you get the same behavior when you run the start-up script manually?

    -jw
    Jeff Guest

  3. #3

    Default Re: su command problem



    Maybe it really traces to the fact that you should not run any
    command from rc.conf. It is not treated as a script.

    Rather, rc.conf is merely a list of variable settings that the
    startup scripts for various programs read up when they need it.

    If you want to run something at startup, put them in /usr/local/etc/rc.d
    give them a name ending in .sh and make them executable.
    Those scripts will be run in roughly 'sort' order.
     

    You don't want to run mysql in rc.conf, just do the setting
    of mysql_enable="YES" in there and put something like
    mysql-server.sh in /usr/local/etc/rc.d

    In fact, the normal mysql install from ports puts the script
    there. You may have to change its permissions to make
    it executable.

    ////jerry
     

    Jerry Guest

  4. #4

    Default Re: su command problem

    >On Mon, 28 Mar 2005 11:03:23 -0800 (PST), John Public
    <com> wrote:
     

    NP
     

    first, I don't think the 'mysql' binary even has a '-c' option.

    If I'm following you here, you modify the default startup script
    (/usr/local/etc/rc.d/mysql-server.sh) to run `su -m mysql -c date`.
    Instead of the default (w/flags):

    /usr/local/bin/mysqld_safe --user=${mysql_user}
    --datadir=${mysql_dbdir} --bind-address=${bind_address}
    --pid-file=${pidfile} > /dev/null &

    why?
     

    I would take a look at the default mysql startup script and compare it
    to what you currently have in place.
    (/path/to/ports/database/mysql41-server/files/mysql-server.sh)

    -jw
    Jeff Guest

  5. #5

    Default Re: su command problem

    I'm apologize for being unclear. Let me try again. I
    have not modified the mysql-server.sh script in any
    way. The 'su -m mysql -c date' line is merely an
    example of what I used to see if 'su' is having a
    problem. All that line does is run the 'date' command
    as the mysql user. I used this for testing between
    the 5.3 system and the 5.2.1 system to see if there
    was a difference.

    Indeed there was a difference. On the 5.2.1 system
    the command ran 'date' w/o any problem and then
    returned control to the root shell, but on the 5.3
    system, it su'ed me to the mysql account, but did not
    execute the 'date' command and stayed w/ the mysql
    account.

    This is how I have come to the conclusion that it has
    something to do w/ the su command or security relating
    to it, rather than the scripts which are used to run
    mysql or nagios. I guess I'm trying to determine if
    this is a bug in the 'su' command or if there is a
    security setting somewhere in 5.3 which changes the
    behavior of 'su'.

    Thanks again for your attention.
    John
    --- Jeff Wirth <com> wrote: 
    > Public
    > <com> wrote:

    > query,
    >
    > NP

    > works 
    > However, 
    > behavior 
    > w/ 
    >
    > first, I don't think the 'mysql' binary even has a
    > '-c' option.
    >
    > If I'm following you here, you modify the default
    > startup script
    > (/usr/local/etc/rc.d/mysql-server.sh) to run `su -m
    > mysql -c date`.
    > Instead of the default (w/flags):
    >
    > /usr/local/bin/mysqld_safe --user=${mysql_user}
    > --datadir=${mysql_dbdir}
    > --bind-address=${bind_address}
    > --pid-file=${pidfile} > /dev/null &
    >
    > why?

    > while I 
    > discovered 
    >
    > I would take a look at the default mysql startup
    > script and compare it
    > to what you currently have in place.
    >[/ref]
    (/path/to/ports/database/mysql41-server/files/mysql-server.sh) 



    __________________________________
    Do you Yahoo!?
    Yahoo! Mail - Find what you need with new enhanced search.
    http://info.mail./mail_250
    John Guest

  6. #6

    Default Re: su command problem

    John Public wrote:
     

    So, we need to check on a few things between
    the two systems; I'd start with the contents of
    /etc/passwd, which should be the same on
    both machines.

    FWIW, I can't reproduce the "problem" on 5.3
    nor 4.11, as long as I'm running as root or using
    sudo. Running without privileges gives a "Password"
    prompt, as expected....

    Kevin Kinsey
    Kevin Guest

  7. #7

    Default Re: su command problem

    Thank you very much! I had checked the password file,
    but had been focused on the mysql account. I only
    just noticed that the root account was set to use
    /bin/csh for it's shell. When I changed it to
    /usr/local/bin/bash, suddenly everything started
    working. Thank you for your direction, I really
    appreciate it.

    Thank you to everybody who helped me on this. <Insert
    huge sigh of relief here>

    God Bless
    John
    --- Kevin Kinsey <biz> wrote: 
    > I 
    > command 
    > not 
    > has 
    > relating 
    > run 
    > if 
    >
    > So, we need to check on a few things between
    > the two systems; I'd start with the contents of
    > /etc/passwd, which should be the same on
    > both machines.
    >
    > FWIW, I can't reproduce the "problem" on 5.3
    > nor 4.11, as long as I'm running as root or using
    > sudo. Running without privileges gives a "Password"
    > prompt, as expected....
    >
    > Kevin Kinsey
    >[/ref]



    __________________________________
    Do you Yahoo!?
    Yahoo! Mail - Easier than ever with enhanced search. Learn more.
    http://info.mail./mail_250
    John Guest

  8. #8

    Default Re: su command problem

    > On Tue, 29 Mar 2005 08:25:10 -0800 (PST), John Public <com> wrote: 

    It's usually considered dangerous to change root's shell outside of
    'sh' or 'csh'. You may end up with a broken shell if you need to drop
    to single user mode.

    -jw
    Jeff Guest

Similar Threads

  1. ASP with SQL Command problem
    By (^_^) in forum ASP Database
    Replies: 3
    Last Post: November 8th, 10:34 AM
  2. problem with file(url) command
    By Philippe in forum PHP Development
    Replies: 3
    Last Post: August 6th, 12:22 AM
  3. problem with external command.
    By Jeremy Russell in forum PHP Development
    Replies: 0
    Last Post: September 22nd, 05:14 PM
  4. DB2 8.1.2 - get dbm cfg command problem
    By Perry R Shindle in forum IBM DB2
    Replies: 5
    Last Post: July 25th, 05:54 PM
  5. Command Button problem
    By Graham R Seach in forum Microsoft Access
    Replies: 1
    Last Post: July 1st, 03:21 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139