Aaron Konstam wrote:
On Tue, 2006-09-26 at 13:46 +0100, Paul Howarth wrote:
Tim wrote:
On Mon, 2006-09-25 at 15:45 -0400, Steven W. Orr wrote:
After all that, if it works, please never use su the way you described
above. At the very least use su - -c etc...
Having seen that in another topic, made me wonder about something I'm
doing. My /etc/rc.local file has a string of lines in it like the
following: su tim -c "/usr/bin/fetchmail -d 900"
Should I be doing it like this, instead:
su - tim -c "/usr/bin/fetchmail -d 900"
Or even:
/sbin/runuser tim -c "/usr/bin/fetchmail -d 900"
I am a little confused about runuser. Anyone can run it and the man page
says it does not ask for a passwd. That seems like a security hole.
Where does it say that anyone can run it? It just fails rather than
prompting for a password. This is useful behaviour in scripts where a
password prompt might cause a script to hang, whereas a simple failure
can be catered for.
Paul.