Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 Oct 2014, 03:59
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Derivatives
How about a multiuser Puppy derivative?
Moderators: Flash, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
Springer


Joined: 22 Aug 2006
Posts: 52
Location: Austin, TX

PostPosted: Thu 24 May 2007, 16:42    Post_subject:  How about a multiuser Puppy derivative?  

I'm looking for a multiuser Puppy derivative for a small embedded server (no gui) application on e-box 2300 hardware.

IIRC, Grafpup has multiuser support, but being graphics-heavy, it's not necessarily the best starting place.

Are there other multiuser Puppy variants? Any good recommendations for embedded Puppy booting off CF card?
Back to top
View user's profile Send_private_message 
Springer


Joined: 22 Aug 2006
Posts: 52
Location: Austin, TX

PostPosted: Thu 24 May 2007, 16:45    Post_subject:  

I should clarify: by multi-user, I mean supporting non-root users with limited privileges.

This is more for security concerns in my application than to actually support multiple simultaneous users, although that might happen.
Back to top
View user's profile Send_private_message 
GuestToo
Puppy Master

Joined: 04 May 2005
Posts: 4078

PostPosted: Thu 24 May 2007, 22:44    Post_subject:  

Xampp must start running as root ... it automatically runs the Apache server as user nobody, with limited privileges

so if someone were able to get into your system through the web server, they would have the same privileges as the server, that is the privileges that "nobody" has, which is very limited

in most Linux distros, an unprivileged user can su to root ... in standard Puppy, the suid bit is not set on tinylogin, so "nobody" can not su to root, even if a root password were set and the intruder knew the password

my Monkey web server package works the same way ... it starts as root and then runs the server as user nobody (if you don't start the server as root, the server can not use the lower port numbers, like port 80 and port 21)
Back to top
View user's profile Send_private_message 
Gekko


Joined: 22 Jul 2006
Posts: 445
Location: Sydney, New South Wales

PostPosted: Fri 25 May 2007, 06:43    Post_subject:  

install the "shadow" package from a tgz. This installs a real su, login and adds useradd, groupadd, etc. I've been using it for sshd. The only thing it can't do is load X through other users.
Back to top
View user's profile Send_private_message 
raffy

Joined: 25 May 2005
Posts: 4779
Location: Manila

PostPosted: Fri 25 May 2007, 18:37    Post_subject: user nobody  

Look for onebone (no X) and add your server.

As G2 said, user "nobody" is the one used by servers generally, even if it gets started by root.

There is one issue here, which is that Puppy occasionally reverts ownership of the files in htdocs to root. Is there a way of preventing this?

_________________
Puppy user since Oct 2004. Want FreeOffice? Get the sfs (English only).
Back to top
View user's profile Send_private_message 
GuestToo
Puppy Master

Joined: 04 May 2005
Posts: 4078

PostPosted: Fri 25 May 2007, 22:04    Post_subject:  

you could try setting the file permissions to read-only

you could set the default ownership and/or permissions of the files from a script, maybe every time the server is started, something like this:

chown -R nobody:nobody /root/htdocs/*
exec lampp start
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Puppy Derivatives
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0491s ][ Queries: 11 (0.0068s) ][ GZIP on ]