Tiny Core Linux
Tiny Core Extensions => TCE Q&A Forum => Topic started by: destroyedlolo on November 15, 2022, 06:19:17 PM
-
Hello,
I'm building an extension for a daemon ... and for security reason, I would like this daemon to run with a dedicated user.
What would be the smarter way to create this issuer ? Add user in the /tmp/package/usr/local/tce.installed script ?
Thanks
-
Hi destroyedlolo
The tce.installed script sounds like a good place. I would do something like this:
if ! cat /etc/passwd | cut -d: -f1 | grep -q SpecialUser
then
add user SpecialUser
any additional commands required if adding a user
fi
The first line tests if SpecialUser already exists on the system. If it doesn't, then
the user gets added.
-
Thanks for the confirmation and the code : I'll do it :)
-
Hi destroyedlolo
Remember, usr/local/tce.installed/ExtensionName is a script. So
don't forget to include:
#!/bin/shon the first line.
-
Hum, my user is
daemon:x:100:65534:Linux User,,,:/tmp:/bin/false
and my command is :
su -c '/usr/local/sbin/PubSysFigures -Hbpi.chez.moi -s30' daemon
but when I'm launching from my shell
sudo su -c '/usr/local/sbin/PubSysFigures -Hbpi.chez.moi -s30' daemonthe process is not launched and
$ echo $?
1
Do you what can create this issue ?
-
Hi destroyedlolo
Hum, my user is
daemon:x:100:65534:Linux User,,,:/tmp:/bin/false ...
I think at least part of your problem might be that /bin/false. It should probably
be /bin/sh.
Take a look at the addUser function in /etc/init.d/tc-config for guidance on
adding a user.
Also, based on this help message:
tc@E310:~$ su --help
BusyBox v1.29.3 (2018-11-21 15:31:19 UTC) multi-call binary.
Usage: su [-lmp] [-] [-s SH] [USER [SCRIPT ARGS / -c 'CMD' ARG0 ARGS]]
Run shell under USER by default, root
-,-l Clear environment, go to home dir, run shell as login shell
-p,-m Do not set new $HOME, $SHELL, $USER, $LOGNAME
-c CMD Command to pass to 'sh -c'
-s SH Shell to use instead of user's default
tc@E310:~$it looks like maybe the USER should come before the command.
-
It was /bin/false to avoid interactive login (as technical account only) ... but it seems su needs a valid account.
So thanks for all your help : I've been able to submit my PubSysFigures, a daemon that publish system load to MQTT flow. I'm planing to publish as well disk usage.
My usage is to integrate it in my home automation to check which machines is running (kids ;)) and if healthy :)
-
Hello,
Hum, why can't I find my package in the repository ?
If I go to http://www.tinycorelinux.net/13.x/x86/tcz/ (http://www.tinycorelinux.net/13.x/x86/tcz/), I can find it listed, but if I'm trying to loading it using tce-load, it is not found. Going to a mirror like http://mirror1.ku.ac.th/tinycore/13.x/x86/tcz/ (http://mirror1.ku.ac.th/tinycore/13.x/x86/tcz/), it's the same :(
And it's the same for minidlna or GNU screen I submitted few weeks back as well.
-
Perhaps you are using some other version/other mirror/made a typo?
-
Well, I think it was a punctual problem as now it's working ::)