Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make it possible to run the script without root privileges #6

Closed
kaystrobach opened this issue Jan 2, 2016 · 9 comments
Closed

make it possible to run the script without root privileges #6

kaystrobach opened this issue Jan 2, 2016 · 9 comments
Assignees
@kelunik
Labels
feature

Comments

@kaystrobach
Copy link

for some shared hosting envs it would be awesome to have the ability to run the client as non root user
@kaystrobach
Copy link
Author

took a look into the code, and i think, basicly the chown statements need to be removed if the current user is not a root user (posix_id != 0)

@kelunik
Copy link
Owner

kelunik commented Jan 2, 2016

You're right, already thought about that. Maybe a special flag like --no-root would be required to prevent file permission issues due to missing sudo in other environments.

@kelunik kelunik added the feature label Jan 2, 2016
@kaystrobach
Copy link
Author

I will take a look into that one, at first i will only check if uid ===0 if so do a chown if not simple not do it

----- Originale Nachricht -----
Von: Niklas Keller notifications@github.com
Gesendet: 02.01.2016 - 22:43
An: kelunik/acme-client acme-client@noreply.github.com
Betreff: Re: [acme-client] make it possible to run the script without root privileges (#6)

You're right, already thought about that. Maybe a special flag like --no-root would be required to prevent file permission issues due to missing sudo in other environments.

Reply to this email directly or view it on GitHub:
#6 (comment)

@xgin
Copy link

xgin commented Jan 3, 2016

I'd like to discourage you of usage posix functions: it breaks compatibility with Windows.
Wrapping in function_exists could be suitable workaround.

@kelunik
Copy link
Owner

kelunik commented Jan 3, 2016

It doesn't work without those on Unix systems. I don't know if checking for Windows or with function_exists is better. Having a build without posix enabeld on Linux will probably fail then, because of wrong privileges.

@kaystrobach
Copy link
Author

@kelunik the files will have the current user as owner if there is no chmod done, so it should be ok.
IMHO this is the only way to ensure, that it can be used on shared hosting envs, often there is no way to use chown :(

and in those envs you will then upload the ssl certificates via a webinterface to setup all the stuff.

@kelunik
Copy link
Owner

kelunik commented Jan 3, 2016

Yes, but in all other environments you're usually not logged in as the webserver's user. And then all those files will be owned by your operations account. That's why I prefer a explicit --no-root or --no-sudo or --no-chown flag currently.

@kaystrobach
Copy link
Author

agreed

@kelunik kelunik self-assigned this Jan 17, 2016
@kelunik
Copy link
Owner

kelunik commented Feb 24, 2016

Should be resolved by #14.

@kelunik kelunik closed this as completed Feb 24, 2016
@PalleZ PalleZ mentioned this issue Jun 27, 2016
Closed
@Tumbler Tumbler mentioned this issue Apr 22, 2019
Closed
@FlyThePlanet FlyThePlanet mentioned this issue Aug 9, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kelunik kelunik

Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kaystrobach @kelunik @xgin