Hi,
I'm running batman (experimental) on a debian linux as root but want to access the debug levels (batmand -c -b -d 1) from within a apache that is not running as root.
batman actually checks the user id and does not allow to run as non-root users. also when I disable the check, batman can not access the /var/run/batman.socket except when I change the access modes from command line. but after each start of batman, the access rights are restricted to root.
Is it possible to also support non root access for batmand -c -b -d 1?
Regards Stephan
Hi,
I'm running batman (experimental) on a debian linux as root but want to access the debug levels (batmand -c -b -d 1) from within a apache that is not running as root.
indeed a problem. As quick fix you could use sudo and allow www-data to access batmand.
batman actually checks the user id and does not allow to run as non-root users. also when I disable the check, batman can not access the /var/run/batman.socket except when I change the access modes from command line.
That is why batman checks the user id ...
Is it possible to also support non root access for batmand -c -b -d 1?
The question is: Do we really want that ? I understand your case but your solutions implies that other non-privileged could access the daemon. The "batmand -c" command can do much more than giving you the debug output as changing the gateway_class / routing_class / preferred gateway and may be more in the future.
Regards, Marek
Hi,
Thanks, I no use the following setting in /etc/sudoers:
# Cmnd alias specification Cmnd_Alias BATMAND=/usr/bin/batmand -c -b -d [0-9]
# User privilege specification root ALL=(ALL) ALL www-data ALL=NOPASSWD: BATMAND
b.a.t.m.a.n@lists.open-mesh.org
-
Freifunk Dresden -
Marek Lindner