aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/sledjchisl/sledjchisl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/sledjchisl/sledjchisl.c')
-rw-r--r--src/sledjchisl/sledjchisl.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c
index 501c7d1..171acd5 100644
--- a/src/sledjchisl/sledjchisl.c
+++ b/src/sledjchisl/sledjchisl.c
@@ -8150,7 +8150,7 @@ Setup the database stuff.
8150 grant all on $MYSQL_DB.* to '$MYSQL_USER'@localhost; 8150 grant all on $MYSQL_DB.* to '$MYSQL_USER'@localhost;
8151 FLUSH PRIVILEGES; 8151 FLUSH PRIVILEGES;
8152 8152
8153Deal with the user. 8153Deal with the system user.
8154 sudo adduser --system --shell /bin/bash --group ${OS_USER} 8154 sudo adduser --system --shell /bin/bash --group ${OS_USER}
8155 sudo addgroup ${USER} ${OS_USER} 8155 sudo addgroup ${USER} ${OS_USER}
8156 8156
@@ -8224,7 +8224,7 @@ Build the OpenSim.
8224// The path to sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work. 8224// The path to sledjchisl.socket needs to be readable by the www-data group. So the FCGI socket will work.
8225// AND it needs to be group sticky on opensimsc group. So the tmux socket will work. 8225// AND it needs to be group sticky on opensimsc group. So the tmux socket will work.
8226// Put both in scRun, and make it other readable? 8226// Put both in scRun, and make it other readable?
8227// No idea of the SECURITY HOLE that might cause. 8227// TODO - No idea of the SECURITY HOLE that might cause.
8228 if(!qfile_exist(scRun)) 8228 if(!qfile_exist(scRun))
8229 { 8229 {
8230 W("Creating the proper %s directory.", scRun); 8230 W("Creating the proper %s directory.", scRun);
@@ -8281,7 +8281,7 @@ Build the OpenSim.
8281 else 8281 else
8282 { 8282 {
8283 I("Not running inside the proper tmux server, starting it with sudo."); 8283 I("Not running inside the proper tmux server, starting it with sudo.");
8284 // The sudo is only so that the session is owned by opensim, otherwise it's owned by whoever ran this script, which is a likely security hole. 8284 // The sudo is only so that the session is owned by opensim, otherwise it's owned by whoever ran this script, which is a likely SECURITY HOLE.
8285 // After the session is created, we rely on the scRun directory to be group sticky, so that anyone in the opensim group can attach to the tmux socket. 8285 // After the session is created, we rely on the scRun directory to be group sticky, so that anyone in the opensim group can attach to the tmux socket.
8286 pre = xmprintf("sudo -Hu %s ", scUser); 8286 pre = xmprintf("sudo -Hu %s ", scUser);
8287 } 8287 }
@@ -8326,7 +8326,6 @@ Build the OpenSim.
8326 } 8326 }
8327 8327
8328 8328
8329
8330//////////////////////////////////////////////////////////////////////////////////////////////////// 8329////////////////////////////////////////////////////////////////////////////////////////////////////
8331// Other start up stuff. 8330// Other start up stuff.
8332//////////////////////////////////////////////////////////////////////////////////////////////////// 8331////////////////////////////////////////////////////////////////////////////////////////////////////