[stunnel-users] SU in exec argument
Florian Götz
f.goetz at hs-mannheim.de
Thu Nov 7 09:58:25 CET 2013
Hi stunnel users,
I´m using SLES with stunnel 4.54-0.9.24, which is stored in /usr/sbin in
this distribution.
Stunnel is used with xinetd in non-daemon mode.
With stunnel in /usr/sbin, I can use stunnel only with root (I know I
can do a sudoers entry for stunnel....but let´s try it the way it was
meant by the distribution).
I wanted so use a stunnel.conf like this:
exec = /bin/su
execargs = su -l -c "/home/abc/bin/binary" abc
cert = /home/abc/certs/cert.pem
key = /home/abc/certs/cert.key
CAfile = /home/fex/certs/CA.pem
TIMEOUTclose = 2
xinetd.d/service config looks like this:
service abc
{
socket_type = stream
wait = no
type = unlisted
protocol = tcp
port = 443
cps = 5 10
user = root
groups = yes
server = /usr/sbin/stunnel
server_args = /home/abc/etc/stunnel.conf
nice = 0
disable = no
}
The "su -l ...." command works fine on a root shell, but with this
stunnel.conf it refuses to work.
Can anybody give me a hint how to resolve that problem?
Best regards
Florian Götz
Mit freundlichen Grüßen
Florian Götz
-----------------------------------------------------------------
Dipl.-Inf. (FH) Florian Götz
Rechenzentrum Hochschule Mannheim
Paul-Wittsack-Straße 10
68163 Mannheim
Tel: 0621/292-6232
EMail: f.goetz at hs-mannheim.de
Internet: http://www.rz.hs-mannheim.de
-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4630 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20131107/c362ef9a/attachment.bin>
More information about the stunnel-users
mailing list