On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote: > On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: > >> On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: >> >>> On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: >>> >>>> On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: >>>> >>>>> I have a little script to start fetchmail, which is activated in >>>>> rc.local. It runs perfectly when started from a root login; but it >>>>> fails when started from rc.local. >>>>> >>>>> Here is the info: >>>>> =========================== Scripts Start =========================== >>>>> $ more rc.local fetchmail-start >>>>> :::::::::::::: >>>>> rc.local >>>>> :::::::::::::: >>>>> #!/bin/sh >>>>> # >>>>> # This script will be executed *after* all the other init scripts. >>>>> # You can put your own initialization stuff in here if you don't >>>>> # want to do the full Sys V style init stuff. >>>>> >>>>> # Fork a script that will start fetchmail for jonrysh in a few seconds >>>>> /etc/rc.d/fetchmail-start >>>>> >>>>> touch /var/lock/subsys/local >>>>> :::::::::::::: >>>>> fetchmail-start >>>>> :::::::::::::: >>>>> #!/bin/sh >>>>> # >>>>> # Start fetchmail for jonrysh >>>>> >>>>> su jonrysh -c 'sleep 5; fetchmail' >>>>> >>>>> =========================== Messages Start =========================== >>>>> Fetchmail emits the following error message and fails: >>>>> fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied >>>>> >>>>> What's happening? How can it be fixed? >>>>> >>> >>>> The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership >>>> given to jonrysh:jonrysh >>>> >>> Everything is as you recommend. Note that the scheme works when invoked >>> from a command window running a shell as root, but not from the init >>> script. >>> >>> >>>> You could also start it without the su by adding it to your own crontab: >>>> @reboot sleep 30& fetchmail >>>> >>> Thanks, I'll try this. But I'd still like to know what's the reason for >>> the permission failure when running out of rc.local . SELinux issues? >>> >>> >> ---- >> this works for me (in rc.local)... >> >> /bin/su - craig -c '/usr/bin/fetchmail'& >> > I tried it, and now things are worse than before. The startup script > now reads: > #!/bin/sh > # > # Start fetchmail for jonrysh > > su - jonrysh -c 'sleep 5; fetchmail' > > Now there's an additional error in boot.log: > ... > Starting atd: [ > OK ] > Error opening display! > fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied > > The display did actually start OK after a short delay. It's a mystery > to me. > > Thanks to all - jon > > > > > Check to see if there are SELinux AVC messages in /var/log/audit/audit.log # grep fetchmail /var/log/audit/audit.log Also instead of using su, use runuser (Same thing except runuser does not use the pam stack.) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
