RE: procServ and user id

[Mark Rivers <rivers@cars.uchicago.edu>]

I'm not sure I understand the question.  Are you saying that you normally run procServ as root?  We certainly do not.  Here are some of the procServ processes on our system, displayed with ps -eF

epics    25157     1  0  2013 ?        00:20:39 /usr/local/bin/procServ -n 13IDA_PS2_IOC -L /home/epics/logs/13IDA_PS2.log 20472 /home/epics/support/CARS/iocBoot/ioc13ida_ps2/start_epics
epics    25159 25157  0  2013 pts/26   00:00:00 /bin/sh /home/epics/support/CARS/iocBoot/ioc13ida_ps2/start_epics

epics    27195     1  0  2013 ?        00:18:20 /usr/local/bin/procServ -n 13BMD_XPS_LVP_IOC -L /home/epics/logs/13BMD_XPS_LVP.log 20138 /home/epics/support/CARS/iocBoot/ioc13bmd_LVP_XPS/start_epics
epics    27621  6152  0 Mar26 pts/7    00:00:00 /bin/sh /home/epics/support/CARS/iocBoot/ioc13idc_GPD_XPS/start_epics

gpd_user 31143     1  0 Apr18 ?        00:01:41 procServ --noautorestart -n psic_bmc -i ^D -L /home/gpd_user/psic_bmc.log 20001 /usr/local/bin/psic -N psic_bmc
gpd_user 31145 31143  0 Apr18 pts/34   01:19:24 /usr/local/bin/psic -N psic_bmc

Note that both procServ and the program being run by procServ are running under the non-privileged accounts epics and gpd_user.

Mark
 

-----Original Message-----
From: tech-talk-bounces@aps.anl.gov [mailto:tech-talk-bounces@aps.anl.gov] On Behalf Of Konrad, Martin
Sent: Wednesday, May 21, 2014 1:06 PM
To: EPICS Tech Talk
Subject: procServ and user id

Hi,
I am wondering if it is possible to run a process inside procServ using 
a non-root user id (for security reasons). I didn't find anything in the 
man page.

Thanks,

Martin

P.S.: Running procServ itself as a non-root user might be difficult 
since it needs to open log files, open the telnet port etc.

-- 
Martin Konrad
Control System Engineer
Facility for Rare Isotope Beams
Michigan State University
640 South Shaw Lane
East Lansing, MI 48824-1321, USA
Tel. 517-908-7253
Email: konrad@frib.msu.edu