Supongamos que un script se ejecuta al arrancar como root. Desde este script quiero empezar tcpsvd -E 0 515 lpd. Quiero tcpsvdejecutar como usuario sin privilegios. Pero requiere privilegios de root para conectarse al puerto 515. ¿Cómo puedo lograr esto?
Además tengo que usar busybox tcpsvd:
tcpsvd
tcpsvd [-hEv] [-c N] [-C N[:MSG]] [-b N] [-u USER] [-l NAME] IP PORT PROG
Create TCP socket, bind to IP:PORT and listen for incoming connection.
Run PROG for each connection.
IP IP to listen on. '0' = all
PORT Port to listen on
PROG [ARGS] Program to run
-l NAME Local hostname (else looks up local hostname in DNS)
-u USER[:GRP] Change to user/group after bind
-c N Handle up to N connections simultaneously
-b N Allow a backlog of approximately N TCP SYNs
-C N[:MSG] Allow only up to N connections from the same IP
New connections from this IP address are closed
immediately. MSG is written to the peer before close
-h Look up peer's hostname
-E Do not set up environment variables
-v Verbose
Respuesta1
Debe hacer que el programa se vincule al puerto mientras se ejecuta como root y luego cambiar a su usuario sin privilegios. tcpsvdofrece la -uopción de hacer esto:
-u user[:group]
drop permissions. Switch user ID to user’s UID, and group ID to
user’s primary GID after creating and binding to the socket. If
user is followed by a colon and a group name, the group ID is
switched to the GID of group instead. All supplementary groups
are removed.