Menu
▾
▴
Re: [Assp-user] assp fails when invoked manually from script
|
From: Jeff B. <je...@bu...> - 2005-09-14 02:33:49
|
OK - I'm glad I didn't say 100% that permissions weren't the problem! I
finally had a chance to take a look at the problem this evening, and I
had forgotten that the configuration file was set to run as the user
"nobody" and group "nobody". So permissions were, indeed, the problem -
thanks!
Jeff
Jeff Buehler wrote:
> I'm 90% certain that's not the problem here. When you start or stop a
> service under Windows (be it at boot time or manually using the
> Services MMC), you are doing so not as the user starting or stopping
> it but as the user designated as owner of the service ("Log on as").
> This is the same under *BSD or Linux, unless doing something more
> elaborate like CHROOT (or "jailing" a process) which I am not doing
> here. In other words, even running ASSP as root I get the same
> behavior, so I'm reasonably certain that something else is up other
> than permissions.
>
> I still think it must be related to some environment variable... but I
> don't know enough about what ASSP is doing to access it's logs,
> whitelist, etc. to be certain. Like I said, I see this problem ALL OF
> THE TIME with ASSP where I go to look at the logs, whitelist, etc.
> after making a small change and they are simply not accessible via the
> web interface because of an extra pipe or an incorrect IP, or any
> number of other things. It seems really fragile with respect to the
> way it accesses external files, permissions aside.
>
> Any other ideas? Anyone know about what ASSP is doing (in some
> detail) to access its external files, mostly as relates to paths?
>
> Thanks!
>
> Jeff
>
> Micheal Espinola Jr wrote:
>
>> I'm guessing it has to do with the security context of how the
>> process is started. I'm not Linux user, but I know there are
>> parallels between the OS's
>>
>> I am assuming that for your implementation, at boot ASSP is starting
>> with some hefty perms that perhaps your login account doesn't have.
>>
>> In Windows 2000, I have ASSP running as a "service" - which means the
>> OS starts up ASSP on its own during boot up, and runs with high-level
>> perms (running as "SYSTEM"). I'm assuming the *NIX equivalent to a
>> service would be a "daemon". If I was to log on, stop ASSP and
>> manually start it (instead of restarting the service/daemon), ASSP
>> would run with the perms of my login account - which may or may not
>> be sufficient (depending on OS hardening, general account perms, etc).
>>
>> HTH
>>
>> On 9/13/05, *Jeff Buehler* <je...@bu...
>> <mailto:je...@bu...>> wrote:
>>
>> Not really - that is possible, but how would the permissions differ
>> between boot and manual running of the script under Linux?
>>
>> Micheal Espinola Jr wrote:
>>
>> > have you checked for a perm-related issue - unable to write to
>> the
>> > config file?
>> >
>> > On 9/13/05, *Jeff Buehler* < je...@bu...
>> <mailto:je...@bu...>
>> > <mailto:je...@bu... <mailto:je...@bu...>>>
>> wrote:
>> >
>> > Hi all -
>> >
>> > This is a bit of a strange problem, but it might have an
>> obvious
>> > answer. I recently set up ASSP on a Gentoo Linux
>> platform. On
>> > reboot,
>> > everything runs great. If I stop/start/restart ASSP from
>> the same
>> > script used at boot time, though, I lose all of my settings
>> (no
>> > log, no
>> > whitelist, etc.).
>> >
>> > I have seen this behavior a LOT with ASSP when something is
>> mis
>> > configured (an IP is out of place, and so on), but in this
>> case it
>> > must
>> > have something to do with an environment variable, like a
>> path, as
>> > relates to how ASSP is being invoked (at least I think it
>> must be
>> > that!)
>> >
>> > Does anyone have any ideas about this? By the way, I am
>> using a very
>> > custom ASSP solution rather than the "package" (Portage, in
>> Gentoo's
>> > case) for reasons that aren't really worth getting into (I
>> am using a
>> > mirrored copy of ASSP that needs to be at a specific,
>> non-standard
>> > location). This is probably related in the sense that ASSP
>> seems to
>> > lose context after being restarted somehow...
>> >
>> > Thanks for any input!
>> >
>> > Jeff
>> >
>> >
>> >
>> > -------------------------------------------------------
>> > SF.Net email is sponsored by:
>> > Tame your development challenges with Apache's Geronimo App
>> Server.
>> > Download it for free - -and be entered to win a 42" plasma
>> tv or
>> > your very
>> > own Sony(tm)PSP. Click here to play:
>> > http://sourceforge.net/geronimo.php
>> > _______________________________________________
>> > Assp-user mailing list
>> > Ass...@li...
>> <mailto:Ass...@li...>
>> > <mailto:Ass...@li...
>> <mailto:Ass...@li...>>
>> > https://lists.sourceforge.net/lists/listinfo/assp-user
>> >
>> >
>> >
>> >
>> > --
>> > ME2 < http://www.santeriasys.net/>
>>
>>
>>
>>
>> -------------------------------------------------------
>> SF.Net email is sponsored by:
>> Tame your development challenges with Apache's Geronimo App Server.
>> Download it for free - -and be entered to win a 42" plasma tv or
>> your very
>> own Sony(tm)PSP. Click here to play:
>> http://sourceforge.net/geronimo.php
>> _______________________________________________
>> Assp-user mailing list
>> Ass...@li...
>> <mailto:Ass...@li...>
>> https://lists.sourceforge.net/lists/listinfo/assp-user
>>
>>
>>
>>
>> --
>> ME2 < http://www.santeriasys.net/>
>
>
>
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by:
> Tame your development challenges with Apache's Geronimo App Server.
> Download it for free - -and be entered to win a 42" plasma tv or your
> very
> own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
> _______________________________________________
> Assp-user mailing list
> Ass...@li...
> https://lists.sourceforge.net/lists/listinfo/assp-user
>
|