1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
From: Faustin Lammler <faustin@fala.red>
Date: Mon, 16 Jan 2023 16:09:15 +0100
Subject: Running daemon under nobody user is not recommended.
See: https://github.com/systemd/systemd/blob/v246/NEWS#L106-L113
Forwarded: https://github.com/codership/galera/pull/633
---
garb/files/garb.service | 2 +-
garb/files/garb.sh | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/garb/files/garb.service b/garb/files/garb.service
index 926cf57..afe379c 100644
--- a/garb/files/garb.service
+++ b/garb/files/garb.service
@@ -11,7 +11,7 @@ WantedBy=multi-user.target
Alias=garbd.service
[Service]
-User=nobody
+User=_galera
ExecStart=/usr/bin/garb-systemd start
# Use SIGINT because with the default SIGTERM
diff --git a/garb/files/garb.sh b/garb/files/garb.sh
index ad75cda..3d0de3f 100755
--- a/garb/files/garb.sh
+++ b/garb/files/garb.sh
@@ -49,7 +49,7 @@ program_start() {
local rcode
if [ -f /etc/redhat-release ]; then
echo -n $"Starting $prog: "
- daemon --user nobody $prog "$@" >/dev/null
+ daemon --user _galera $prog "$@" >/dev/null
rcode=$?
if [ $rcode -eq 0 ]; then
pidof $prog > $PIDFILE || rcode=$?
@@ -58,7 +58,7 @@ program_start() {
echo
else
log_daemon_msg "Starting $prog: "
- start-stop-daemon --start --quiet -c nobody --background \
+ start-stop-daemon --start --quiet -c _galera --background \
--exec $prog -- "$@"
rcode=$?
# Hack: sleep a bit to give garbd some time to fork
|
