diff options
author | Laurent Bercot <ska-skaware@skarnet.org> | 2014-12-05 22:26:11 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2014-12-05 22:26:11 +0000 |
commit | 90b12bd71bb9fc79a4640b9112c13ef529d0196a (patch) | |
tree | 523b3f4ee2969e7a729bab2ba749c4b924ae62af /doc/s6-envuidgid.html | |
download | s6-90b12bd71bb9fc79a4640b9112c13ef529d0196a.tar.gz s6-90b12bd71bb9fc79a4640b9112c13ef529d0196a.tar.xz s6-90b12bd71bb9fc79a4640b9112c13ef529d0196a.zip |
Initial commit
Diffstat (limited to 'doc/s6-envuidgid.html')
-rw-r--r-- | doc/s6-envuidgid.html | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/doc/s6-envuidgid.html b/doc/s6-envuidgid.html new file mode 100644 index 0000000..680e841 --- /dev/null +++ b/doc/s6-envuidgid.html @@ -0,0 +1,64 @@ +<html> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <meta http-equiv="Content-Language" content="en" /> + <title>s6: the s6-envuidgid program</title> + <meta name="Description" content="s6: the s6-envuidgid program" /> + <meta name="Keywords" content="s6 command s6-envuidgid uid gid environment modification" /> + <!-- <link rel="stylesheet" type="text/css" href="http://skarnet.org/default.css" /> --> + </head> +<body> + +<p> +<a href="index.html">s6</a><br /> +<a href="http://skarnet.org/software/">Software</a><br /> +<a href="http://skarnet.org/">skarnet.org</a> +</p> + +<h1> The s6-envuidgid program </h1> + +<p> +s6-envuidgid sets the UID, GID and GIDLIST environment variables, +then executes into another program. +</p> + +<h2> Interface </h2> + +<pre> + s6-envuidgid <em>account</em> <em>prog...</em> +</pre> + +<ul> + <li> s6-envuidgid looks <em>account</em> up by name in the account database. </li> + <li> If <em>account</em> is unknown, it exits 1. </li> + <li> It sets the UID environment variable to <em>account</em>'s uid, and the GID +environment variable to <em>account</em>'s gid. </li> + <li> It also sets the GIDLIST environment variable to a comma-separated list of +supplementary group ids <em>account</em> is a member of according to the +group database. (If <em>account</em> doesn't belong to any other group than its +primary group, GIDLIST is still set, but empty.) </li> + <li> Then it executes into <em>prog...</em>. </li> +</ul> + +<h2> Notes </h2> + +<p> + s6-envuidgid behaves like +<a href="http://cr.yp.to/daemontools/envuidgid.html">envuidgid</a>, except that: +</p> + +<ul> + <li> it also handles supplementary groups </li> + <li> It exits 1 if <em>account</em> does not exist. </li> +</ul> + +<p> + s6-envuidgid is useful when running a program that must start as root but can +drop its privileges later. Such a program can read its new uid/gid/groups info +from the UID, GID and GIDLIST environment variables. Superservers such as +<a href="http://skarnet.org/software/s6-networking/s6-tcpserver4.html">s6-tcpserver4</a> +make use of this. +</p> + +</body> +</html> |