Subj : Re: Fresh install error
To   : Accession
From : StackFault
Date : Tue Jan 16 2024 08:29 pm

 Ac>  S> MIS should not be run as root.
 Ac> 
 Ac> Okay. Whatever. While opinions are like assholes, this is another topic
 Ac> completely. What I was asking him is if he DID run it as root (even just
 Ac> once) it would ruin his permissions if in the future he started running
 Ac> it as a regular user, or even using sudo.

Sure, no issues, while I answered to you, it was not directed but just to pass the information.

 Ac>  S> You should use setcap instead to provide the MIS binary the capability
 Ac>  S> to bind to privileged port using this command:
 Ac> 
 Ac>  S>   sudo setcap 'cap_net_bind_service=+ep' /path/to/mis
 Ac> 
 Ac>  S> This way, MIS can be started with a regular user and still be able to
 Ac>  S> bind to a low port, without root privilege.
 Ac> 
 Ac> Thank you, Mr. Linux Guru.
 Ac> 
 Ac> ...and all I was trying to say is even if you use sudo to start MIS, it
 Ac> binds to the low ports and passes permissions off to the user that used
 Ac> sudo immediately after. It was done on purpose by the developer himself.
 Ac> You can take it up with him if you want to argue about what should and
 Ac> shouldn't be done. *shrug*

Well, again, not personal.

 Ac> To be fair, Synchronet also does this. And it seems so does just about
 Ac> anything that uses systemd if you use the USER and GROUP keywords in
 Ac> your .service file. So you may as well tell all those people how they
 Ac> should do it, too. ;)

Well, I guess you took it to heart.

Cheers!

|15 ß Þ    |15StackFault |08<|03.|11.|15P|11h|03EN|11o|15M|11.|03.|08>
|11  Ý  ß   |11The Bottomless Abyss BBS
|03   ß Ýß   |03ssh|08.|072222 |08/ |03telnet|08.|072023 |08/ |03https
|08     ÜþÞ   |08bbs|07.|08bottomlessabyss|07.|08net

.... As a matter of fact, it IS a banana in my pocket!

--- Mystic BBS v1.12 A48 (Linux/64)
 * Origin: The Bottomless Abyss BBS * bbs.bottomlessabyss.net (21:1/172)

.