Is cutting out "nobody:nogroup" legal in init.d scripts?

mikprog
Posts: 21
Joined: Mon 30 Mar 2020, 14:11

#1 Post by mikprog »

I have installed gmediarender and gmediaserver onto my bionicpup-powered nettop. I used the Puppy Package Manager to install the gst123_0.3.5-1, gmediarender_0.0.7 and gmediaserver_0.13.0 packages. After the installation completed I found gmediarender and gmediaserver in the /etc/init.d directory. After a reboot none of the gmedia* processes were found by the process viewer, so I tried to start them manually:

Code:

gmediaserver start
gmediarender start

I fixed some parameters in the proper /etc/default config files, but with no effect. So I decided to trace the command sequence from the gmediaserver and gmediarender startup scripts. What I found:

Code:

gmediarender:

start-stop-daemon -c "$DAEMON_USER" --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
		-f "$UPNP_DEVICE_NAME" -d -u $UPNP_UUID $GS_SINK_PARAM $GS_DEVICE_PARAM \
		--gstout-initial-volume-db=$INITIAL_VOLUME_DB $DAEMON_EXTRA_ARGS

$DAEMON_USER is assigned the value nobody:nogroup.

Code:

gmediaserver:

chown nobody:nogroup /var/run/$NAME
start-stop-daemon -c nobody:nogroup --start --quiet \
		--pidfile /var/run/$NAME/$NAME.pid \
		--exec $DAEMON \
		-- -b --pid-file=/var/run/$NAME/$NAME.pid \
		$GMEDIASERVERARGS $GMEDIASERVERDIR

These start-stop-daemon commands do not start anything, and chown says: chown: unknown user/group nobody:nogroup

So I'm asking:
1. Is it possible to cut out -c nobody:nogroup and -c "$DAEMON_USER" from these commands?
2. Is it better to change user:group in these commands to something else? What would it be?

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#2 Post by rockedge »

Just add the user and group! Might be the easy way.

Code:

adduser nobody -D
adduser nobody nogroup

The -D makes nobody a system user requiring no password; the second line adds nobody to nogroup. You might need to run this command twice to insert the group into /etc/group.

OR:
change the user from nobody:nogroup to webuser:webgroup since these exist in Puppy Linux in the stock versions

mikprog
Posts: 21
Joined: Mon 30 Mar 2020, 14:11

#3 Post by mikprog »

Thank you, rockedge, for the advice. I found that nobody already exists in Puppy and is a member of the nobody group by default. So I changed nobody:nogroup to nobody:nobody everywhere. It works!

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#4 Post by rockedge »

Hello mikprog

I forgot that nobody already exists! Good work on getting it going!
I use chown -R a lot as well.

Mike Walsh
Posts: 6351
Joined: Sat 28 Jun 2014, 12:42
Location: King's Lynn, UK.

#5 Post by Mike Walsh »

@ rockedge:-
rockedge wrote: I use chown -R a lot as well.

Snap! Me too.

Question:-

Is there a text file buried somewhere in the system - or a terminal command - that in fact defines what all these 'group/user' combos are? It's something I've been curious about for a while....


Mike. :wink:

fredx181
Posts: 4448
Joined: Wed 11 Dec 2013, 12:37
Location: holland

#6 Post by fredx181 »

Mike Walsh wrote: Question:-

Is there a text file buried somewhere in the system - or a terminal command - that in fact defines what all these 'group/user' combos are? It's something I've been curious about for a while....

That would be /etc/group (if I understand your question well).

Fred

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#7 Post by rockedge »

Hello Mike,
Fred is correct and these are the files concerned ->

Code:

/etc/passwd
/etc/group
/etc/shadow
/etc/gshadow

I suffered long working on remastering a Puppy Linux with a web server, MySQL server and a package like Zoneminder. None of the remaster scripts would include these important edited files, so I manually copied them into the remaster during the process of making the remaster version. It took many failed remaster attempts to find out about the importance of this set of files.

Until nic007 created a remaster script that performed this task automatically.
His remastering package and an experimental version specifically for remastering a Zoneminder setup Puppy have made this task easy now.
Last edited by rockedge on Sat 16 May 2020, 16:18, edited 2 times in total.

Mike Walsh
Posts: 6351
Joined: Sat 28 Jun 2014, 12:42
Location: King's Lynn, UK.

#8 Post by Mike Walsh »

@ Fred/rockedge:-

Thanks to both of you. As I said, it's just something I've been wondering about for a while; not seriously enough to warrant creating a thread about it, but it's just been floating around in the big empty vacuum of my skull for some time!

I knew I'd probably find out, sooner or later. Cheers, anyway.

-----------------

@ rockedge:-

I see you were right about the 'nobody' group. I didn't even know that one existed. What's the point of it; any ideas?


Mike. :wink:

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#9 Post by rockedge »

The user nobody was used more in the past, mostly to run web servers:
In many Unix variants, "nobody" is the conventional name of a user account which owns no files, is in no privileged groups, and has no abilities except those which every other user has.

It is common to run daemons as nobody, especially servers, in order to limit the damage that could be done by a malicious user who gained control of them. However, the usefulness of this technique is reduced if more than one daemon is run like this, because then gaining control of one daemon would provide control of them all. The reason is that nobody-owned processes have the ability to send signals to each other and even debug each other, allowing them to read or even modify each other's memory.
Information taken from http://en.wikipedia.org/wiki/Nobody_(username).

I use "nobody", "www-data" or "daemon" and in Puppy Linux there is "webuser:webgroup" for the Hiawatha web server and the PERL blog that uses the web server.
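
The failure in post #1 (a `-c nobody:nogroup` naming a group that is missing from /etc/group) and the shared-account caveat quoted in post #9 can both be checked before a daemon is started. The script below is an added example, not part of the thread or of the gmediarender/gmediaserver packages; the function names and the PASSWD_FILE/GROUP_FILE overrides are assumptions made for illustration, and it handles account names only, not numeric IDs.

```shell
#!/bin/sh
# Added example: pre-flight checks for the "-c user:group" argument that the
# init scripts in this thread pass to start-stop-daemon.
# PASSWD_FILE and GROUP_FILE are assumptions so the checks can be pointed at
# test copies; they default to the real account databases.
PASSWD_FILE="${PASSWD_FILE:-/etc/passwd}"
GROUP_FILE="${GROUP_FILE:-/etc/group}"

# name_exists FILE NAME: true if NAME is the first colon-separated field
# of some line in FILE (the layout of /etc/passwd and /etc/group).
name_exists() {
    awk -F: -v n="$2" '$1 == n { found = 1 } END { exit !found }' "$1"
}

# check_chuid SPEC: SPEC is "user" or "user:group", as given to -c.
# Returns 0 if every name resolves, 1 if the user is unknown,
# 2 if the group is unknown. Numeric IDs are not handled.
check_chuid() {
    user="${1%%:*}"
    group=""
    case "$1" in *:*) group="${1#*:}" ;; esac
    if ! name_exists "$PASSWD_FILE" "$user"; then
        echo "unknown user: $user" >&2
        return 1
    fi
    if [ -n "$group" ] && ! name_exists "$GROUP_FILE" "$group"; then
        echo "unknown group: $group" >&2
        return 2
    fi
    return 0
}

# shared_accounts: reads "daemon user:group" lines on stdin and prints each
# user that more than one daemon runs as. Daemons sharing an account can
# signal and debug each other, which weakens the isolation "nobody" is for.
shared_accounts() {
    awk '{ split($2, a, ":"); n[a[1]]++ }
         END { for (u in n) if (n[u] > 1) print u }' | sort
}
```

In an init script, `check_chuid "$DAEMON_USER" || exit 1` placed before the start-stop-daemon line turns the silent non-start described in post #1 into an explicit error.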
