[JDEV] Re: [jadmin] [jadmin]Port access below 1024
Jonathan Augenstine
jaugenstine at jambotech.com
Thu Jun 6 09:14:32 CDT 2002
Justin,
I have two questions. The first is that have the changes you made to
reorder the code been contributed back for inclusion with the
distribution? If not I would be interested in knowing what changes you
made, as I have great need to implement this. The second question is,
can you change ownership or permisions on the pid file prior to the fork
to make it writable to the designated user and rewrite the pid after the
fork()??
Jonathan
> -----Original Message-----
> From: Justin Georgeson [mailto:jgeorgeson at unboundtech.com]
> Sent: Wednesday, June 05, 2002 6:45 PM
> To: jadmin at jabber.org
> Cc: jdev
> Subject: [JDEV] Re: [jadmin] [jadmin]Port access below 1024
>
>
> It's not so much the ownership, it's that the pid in the pidfile is
> wrong. I couldn't get the pidfile to be written after the
> fork. Even on
> systems that have a tool to kill all processes with a given name
> (killall jabberd on RedHat for example), that's not always viable, as
> you might have multiple instances and only want to stop one.
>
> Jonathan Augenstine wrote:
> >>only answer I was given was to have my firewall forward the
> >>priviledged
> >>port to the unpriviledged port jabber is running on.
> >
> > If I had that option available we would not be having this
> exchange.
> > Unfortunately.
> >
> > Can you clarify what the ramifications are of the problem
> you describe
> > below. I understand that the pid file is created by root and as a
> > consequence the specified user account is unable to access the pid
> > file. How does this impact?
> >
> >
> >
> >>-----Original Message-----
> >>From: Justin Georgeson [mailto:jgeorgeson at unboundtech.com]
> >>Sent: Wednesday, June 05, 2002 11:55 AM
> >>To: jadmin at jabber.org
> >>Subject: Re: [jadmin] [jadmin]
> >>
> >>
> >>Using the -B command line options you can specify what user
> >>to run as. I
> >>have successfully reordered the code to bind to the port
> >>before calling
> >>setuid/setgid and forking. The problem is I have been unsuccessful
> >>getting all this done before writing the pidfile, so I end up witha
> >>pidfile with the wrong pid and the process owner can't read.
> >>I've posted
> >>to several lists (this one, jdev, and
> >>jabberd at jabberstudio.org) and the
> >>only answer I was given was to have my firewall forward the
> >>priviledged
> >>port to the unpriviledged port jabber is running on.
> >>
> >>Jonathan Augenstine wrote:
> >>
> >>>I have a question on running Jabber on non-standard ports. Does
> >>>anyone have documentation or notes on how to run Jabber on
> >>
> >>ports below
> >>
> >>>1024 but not run Jabber as root?
> >>>
> >>>Jonathan Augenstine _______________________________________________
> >>>jadmin mailing list
> >>>jadmin at jabber.org
> >>>http://mailman.jabber.org/listinfo/jadmin
> >>
> >>
> >>--
> >>Justin Georgeson
> >>UnBound Technologies, Inc.
> >>http://www.unboundtech.com
> >>Main 713.329.9330
> >>Fax 713.460.4051
> >>Mobile 512.789.1962
> >>
> >>5295 Hollister Road
> >>Houston, TX 77040
> >>Real Applications using Real Wireless Intelligence(tm)
> >>
> >>_______________________________________________
> >>jadmin mailing list
> >>jadmin at jabber.org
> >>http://mailman.jabber.org/listinfo/jadmin
> >>
> >
> > _______________________________________________
> > jadmin mailing list
> > jadmin at jabber.org
> > http://mailman.jabber.org/listinfo/jadmin
>
>
> --
> Justin Georgeson
> UnBound Technologies, Inc.
> http://www.unboundtech.com
> Main 713.329.9330
> Fax 713.460.4051
> Mobile 512.789.1962
>
> 5295 Hollister Road
> Houston, TX 77040
> Real Applications using Real Wireless Intelligence(tm)
>
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>
More information about the JDev
mailing list