diff options
-rw-r--r-- | src/sledjchisl/sledjchisl.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c index 501c7d1..171acd5 100644 --- a/src/sledjchisl/sledjchisl.c +++ b/src/sledjchisl/sledjchisl.c | |||
@@ -8150,7 +8150,7 @@ Setup the database stuff. | |||
8150 | grant all on $MYSQL_DB.* to '$MYSQL_USER'@localhost; | 8150 | grant all on $MYSQL_DB.* to '$MYSQL_USER'@localhost; |
8151 | FLUSH PRIVILEGES; | 8151 | FLUSH PRIVILEGES; |
8152 | 8152 | ||
8153 | Deal with the user. | 8153 | Deal with the system user. |
8154 | sudo adduser --system --shell /bin/bash --group ${OS_USER} | 8154 | sudo adduser --system --shell /bin/bash --group ${OS_USER} |
8155 | sudo addgroup ${USER} ${OS_USER} | 8155 | sudo addgroup ${USER} ${OS_USER} |
8156 | 8156 | ||
@@ -8224,7 +8224,7 @@ Build the OpenSim. | |||
8224 | // The path to sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work. | 8224 | // The path to sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work. |
8225 | // AND it needs to be group sticky on opensimsc group. So the tmux socket will work. | 8225 | // AND it needs to be group sticky on opensimsc group. So the tmux socket will work. |
8226 | // Put both in scRun, and make it other readable? | 8226 | // Put both in scRun, and make it other readable? |
8227 | // No idea of the SECURITY HOLE that might cause. | 8227 | // TODO - No idea of the SECURITY HOLE that might cause. |
8228 | if(!qfile_exist(scRun)) | 8228 | if(!qfile_exist(scRun)) |
8229 | { | 8229 | { |
8230 | W("Creating the proper %s directory.", scRun); | 8230 | W("Creating the proper %s directory.", scRun); |
@@ -8281,7 +8281,7 @@ Build the OpenSim. | |||
8281 | else | 8281 | else |
8282 | { | 8282 | { |
8283 | I("Not running inside the proper tmux server, starting it with sudo."); | 8283 | I("Not running inside the proper tmux server, starting it with sudo."); |
8284 | // The sudo is only so that the session is owned by opensim, otherwise it's owned by whoever ran this script, which is a likely security hole. | 8284 | // The sudo is only so that the session is owned by opensim, otherwise it's owned by whoever ran this script, which is a likely SECURITY HOLE. |
8285 | // After the session is created, we rely on the scRun directory to be group sticky, so that anyone in the opensim group can attach to the tmux socket. | 8285 | // After the session is created, we rely on the scRun directory to be group sticky, so that anyone in the opensim group can attach to the tmux socket. |
8286 | pre = xmprintf("sudo -Hu %s ", scUser); | 8286 | pre = xmprintf("sudo -Hu %s ", scUser); |
8287 | } | 8287 | } |
@@ -8326,7 +8326,6 @@ Build the OpenSim. | |||
8326 | } | 8326 | } |
8327 | 8327 | ||
8328 | 8328 | ||
8329 | |||
8330 | //////////////////////////////////////////////////////////////////////////////////////////////////// | 8329 | //////////////////////////////////////////////////////////////////////////////////////////////////// |
8331 | // Other start up stuff. | 8330 | // Other start up stuff. |
8332 | //////////////////////////////////////////////////////////////////////////////////////////////////// | 8331 | //////////////////////////////////////////////////////////////////////////////////////////////////// |