Drop privileges ... change UID/GID

[GoogleCodeExporter]

Hi,

I'm using PyICQt for a while and was always missing a small feature:
Dropping privileges after start-up.

Sometimes it is convenient to start an application as root, for example
to open a logfile as root or to create a pid-file as root and then
drop the privileges. This small feature is still missing in PyICQt.

The attached patch should solve this gap. It introduces to new options:

python PyICQt.py --user=nobody --group=1234

What do you think about this small fix and bringing it upstream?

cheers
Stefan

Original issue reported on code.google.com by superdup...@trash-mail.com on 28 Aug 2009 at 4:11

Attachments:

• main.py.patch

[GoogleCodeExporter]

You can create separate user for PyICQt and give to it permissions for access to
logfile and to pidfile. For example, init script in Debian looks as:
...
PIDDIR=/var/run/pyicqt
PIDFILE=$PIDDIR/$NAME.pid
USER=pyicqt
GROUP=pyicqt
..
if test ! -e $PIDDIR; then
    mkdir $PIDDIR
    chown $USER:$GROUP $PIDDIR
fi
..
start-stop-daemon --start $SSD_OPTS --startas "$DAEMON" --chuid "$USER" -- 
$OPTIONS
...
Transport never shouldn't be ran as root. Init scripts like this isn't shipped 
with
PyICQt but such configuration (separate user and group) are suggested
...

Original comment by r000ns...@gmail.com on 29 Aug 2009 at 4:53

[GoogleCodeExporter]

Moreover, I have ubuntu-based server that ships their own version of pyicq.
There is proper pyicqt user and logrotation script in that package.

Original comment by mathemonkey on 15 Sep 2009 at 12:50

[GoogleCodeExporter]

Yeah your right (both of you). No need for a patch.

hmm I'm new to Google code ... how can I close this bug?

Original comment by superdup...@trash-mail.com on 24 Sep 2009 at 3:23

[GoogleCodeExporter]

#3: Don't worry about it

Original comment by r000ns...@gmail.com on 3 Oct 2009 at 7:05

• Changed state: WontFix