FS#14142 - [deluge] System daemon runs as root , uses user-specific settings
Attached to Project:
Arch Linux
Opened by Nezmer (Nezmer) - Wednesday, 08 April 2009, 22:50 GMT
Last edited by Ionut Biru (wonder) - Monday, 11 January 2010, 19:37 GMT
Opened by Nezmer (Nezmer) - Wednesday, 08 April 2009, 22:50 GMT
Last edited by Ionut Biru (wonder) - Monday, 11 January 2010, 19:37 GMT
|
Details
Description:
Discussion : http://bbs.archlinux.org/viewtopic.php?pid=531649 I qoute myself : "If you run deluged from terminal logged in with your user or start the daemon from within deluge , It will run under your user name . The latest deluge Arch update added an option to start deluged from '/etc/rc.d/deluged' . The post-install note suggests that this daemon will run with the user 'deluge' and will download to '/home/deluge' . That setup would suggest also that the settings are reseted and a fresh profile would be created specific for the 'deluge' user . The daemon should be system-wide serving all users . In practice , the daemon is running as root and the previous user-specific settings are preserved ." Additional info: * package version(s) deluge 1.1.6-1 Steps to reproduce: 1) If you already use deluge , then settings are saved in '/home/<username>/.config/deluge' . 2) '/etc/rc.d/deluge start' : a) The daemon will run a process owned by root . b) The previous user settings will be used instead of creating new settings for the "deluge" user . |
This task depends upon
Closed by Ionut Biru (wonder)
Monday, 11 January 2010, 19:37 GMT
Reason for closing: Implemented
Additional comments about closing: 1.2.0. Default user is deluge and users have possibility to change it in /etc/conf.d/deluge
Monday, 11 January 2010, 19:37 GMT
Reason for closing: Implemented
Additional comments about closing: 1.2.0. Default user is deluge and users have possibility to change it in /etc/conf.d/deluge
Thanks.
@ Diego
I have no idea why the daemon is not starting for you . Maybe you had a user daemon running before ?
In the month and a half or so it's been, you may have figured this out, but you'll need to copy /root/.config/deluge/auth to the home directory for the webui (yours, most likely) for it to work properly. This applies to the console and gtk UIs as well, as far as I know.
I noticed the only way to start the rc script properly is as root (which is typical), and deluge then decides to run as root, without ever dropping its privileges to the deluge user. I believe using 'su deluge -c deluged' as the command should solve this (mostly).
How you would work out the rc script in a multi-user environment would require hacking the rc script either to include each user explicitly (bad), or to hack the rc script to load deluged for each user listed in some file (better), or in the 'deluge' group (possibly the best), or even a combination of the last two.
Hopefully somebody will read this and adapt the rc file for the privilege-dropping soon, and maybe even the last option.
Because of the rc script forces deluged to start as a certain user, only users that can login can run deluged through that rc script, so adding 'deluge' to DELUGE_USERS doesn't work correctly, unless you make the deluge user a login-user, or adapt the rc script to use sudo -u $user /usr/bin/deluged instead of su - $user -c /usr/bin/deluged. This is mostly a workaround until deluged can drop its privileges on its own, I guess, or some other alternative works (sudo works, I just don't like the dependancy).
One last note about the patch: Only root can start/stop deluged for certain users (yeah, I know, it's stupid). Technically, a user can stop the deluged process through the rc script, but the other files rc scripts use (/var/run/deluged-$user.pid and /var/run/daemons/deluged-$user) are owned by root, so they can't be removed by the rc script like they're supposed to be.