Mercurial > hg > release > thermostat-1.4
changeset 1806:5ac98bfdbd1e
Dropping privileges in scripts might not always work with 'su -c'
Reviewed-by: ebaron
Review-thread: http://icedtea.classpath.org/pipermail/thermostat/2015-September/016314.html
PR2641
| author | Severin Gehwolf <sgehwolf@redhat.com> |
|---|---|
| date | Mon, 21 Sep 2015 19:01:50 +0200 |
| parents | f362b59a5aec |
| children | 307c1670bb04 |
| files | distribution/scripts/thermostat-agent-proxy distribution/scripts/thermostat-command-channel |
| diffstat | 2 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/distribution/scripts/thermostat-agent-proxy Mon Sep 21 10:45:22 2015 -0400 +++ b/distribution/scripts/thermostat-agent-proxy Mon Sep 21 19:01:50 2015 +0200 @@ -73,7 +73,7 @@ # Start server # Drop permissions, if root if [ "$(id -u)" -eq 0 ]; then - /bin/su "$2" -c "${JAVA} -cp ${SERVICE_CLASSPATH} ${DEBUG_OPTS} ${AGENT_PROXY_CLASS} $1" + /bin/su -s /bin/bash -c "${JAVA} -cp ${SERVICE_CLASSPATH} ${DEBUG_OPTS} ${AGENT_PROXY_CLASS} $1" "$2" else ${JAVA} -cp ${SERVICE_CLASSPATH} ${DEBUG_OPTS} ${AGENT_PROXY_CLASS} $1 fi
--- a/distribution/scripts/thermostat-command-channel Mon Sep 21 10:45:22 2015 -0400 +++ b/distribution/scripts/thermostat-command-channel Mon Sep 21 19:01:50 2015 +0200 @@ -81,7 +81,7 @@ PORT=$2 # Drop permissions, if root if [ "$(id -u)" -eq 0 ]; then - exec /bin/su "$SCRIPT_OWNER" -c "${JAVA} -cp ${BOOT_CLASSPATH} ${DEBUG_OPTS} ${CMD_CHANNEL_CLASS} $HOSTNAME $PORT" + exec /bin/su -s /bin/bash -c "${JAVA} -cp ${BOOT_CLASSPATH} ${DEBUG_OPTS} ${CMD_CHANNEL_CLASS} $HOSTNAME $PORT" "$SCRIPT_OWNER" else exec ${JAVA} -cp ${BOOT_CLASSPATH} ${DEBUG_OPTS} ${CMD_CHANNEL_CLASS} $HOSTNAME $PORT fi