[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #61083] [feature request]: make updatedb.findutils more compatible
From: |
Yancey Chiew |
Subject: |
[bug #61083] [feature request]: make updatedb.findutils more compatible by no longer using `su nobody` |
Date: |
Wed, 25 Aug 2021 16:28:16 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 |
URL:
<https://savannah.gnu.org/bugs/?61083>
Summary: [feature request]: make updatedb.findutils more
compatible by no longer using `su nobody`
Project: findutils
Submitted by: yanceychiw
Submitted on: Wed 25 Aug 2021 08:28:14 PM UTC
Category: locate
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Release: 4.6.0
Discussion Lock: Any
Fixed Release: None
_______________________________________________________
Details:
There is a locate script in the /etc/cron.daily directory, which calls
/usr/bin/updatedb.findutils to maintain the update of the file index
database.
In the updatedb.findutils script, su is used to switch the user to nobody.
Because the script is actually called by cron, which will cause the login of
the nobody user and it's subsequent exit.
The login and logout of the nobody user are maintained by
systemd-logind.service. Due to the characteristics of logind, after the daily
task of locate is executed, the nobody user will log out, and systemd will
clean up all the IPC files created by the nobody user. The logind's RemoveIPC
option can control that, and it's turned on by default.
Considering that the nobody user is not specifically created by findutils,
other programs in the system may also be executed as it, the IPC files they
create will be cleaned up along with the exit of the user session of nobody,
and causing abnormalities in these programs.
So,if it is necessary to use the identity of nobody to perform the file index
database update task, can *setpriv* or maybe another way without login session
replace su?
https://git.savannah.gnu.org/cgit/findutils.git/tree/locate/updatedb.sh?id=a5659a42fa2db0263ca45b1f1806f32c04505dc8#n296
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?61083>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
- [bug #61083] [feature request]: make updatedb.findutils more compatible by no longer using `su nobody`,
Yancey Chiew <=