SYNOPSIS
runas [-c directorio] [uid] [gid] [umask] [program] [[options]]
DESCRIPTION
runas is a small program that
allows administrators a generic way to run daemons as non
privileged users.
runas is equivalent to using su but it strips off the environment and does not require the target user's shell to be legitimate (that is, listed under /etc/shells)
The main reason of using runas is to avoid
having daemons run as the root user, in some cases this might be
necessary (like login programs, such as ssh or
telnetd that need to switch to the user making
the connection) but in many cases it might not be necessary at all.
It can be also a good replacement for su, since
it prevents attacks to daemons through the use of environment
variables. Just change (in your initialisation scripts under
/etc/init.d) the line:
-
su - daemon -c /usr/bin/blah
to:
-
runas daemon daemongroup /usr/bin/blah
OPTIONS
This program just takes two command line options:
- -?
- Show summary of options.
- -cdirectory
- Chroot the daemon to a specific directory before execution.
AUTHOR
This manual page was written by Javier Fernandez-Sanguino Pen~a <[email protected]> for
the Debian system (but may be used by others). Permission is
granted to copy, distribute and/or modify this document under
the terms of the GNU General Public License, Version 2 any later
version published by the Free Software Foundation.
On Debian systems, the complete text of the GNU General Public
License can be found in /usr/share/common-licenses/GPL.