runas — program to run daemons as non priviledge users
runas [-c location] [uid] [gid] [program]
runas is a small program that allows administrators a generic way to
run daemons as non privileged users.
runas is equivalent to using su but it strips off the environment
and does not require the target user’s shell to be legitimate (that is,
listed under /etc/shells)
The main reason of using runas is to avoid having daemons run as the
root user, in some cases this might be necessary (like login programs,
such as ssh or telnetd that need to switch to the user making the
connection) but in many cases it might not be necessary at all. It can
be also a good replacement for su, since it prevents attacks to daemons
through the use of environment variables. Just change (in your
initialisation scripts under /etc/init.d) the line:
su - daemon -c /usr/bin/blah
runas daemon daemongroup /usr/bin/blah
This program just takes two options:
-? Show summary of options.
-c Chroot the daemon to a specific location.
The TITAN FAQ (link to URL http://www.trouble.org/titan/FAQ.html)
This manual page was written by Javier Fernandez-Sanguino Pen~a
<email@example.com> for the Debian system (but may be used by others).
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU General Public License, Version 2 any later
version published by the Free Software Foundation.
On Debian systems, the complete text of the GNU General Public License
can be found in /usr/share/common-licenses/GPL.