diff --git a/misc/rc.d/webauthn_demo b/misc/rc.d/webauthn_demo index 1f4f7b5..9334254 100755 --- a/misc/rc.d/webauthn_demo +++ b/misc/rc.d/webauthn_demo @@ -6,24 +6,18 @@ name="webauthn_demo" title="webauthn-demo" rcvar="${name}_enable" -pidfile="/var/run/${name}/${name}.pid" +pidfile="/var/run/${name}.pid" # Change this if you place the demo binary elsewhere exec_path="/home/builder/webauthn/${name}.exe" -start_precmd="webauthn_demo_precmd" - load_rc_config "$name" : ${webauthn_demo_enable:="NO"} -: ${webauthn_demo_user:="builder"} - -webauthn_demo_precmd () { - # Create the parent directory for the pidfile with owner - # ${webauthn_demo_user} as daemon(8) will not have permissions for /var/run/ - install -d -o "${webauthn_demo_user}" "/var/run/${name}" -} +# We can't use $webauthn_demo_user as otherwise daemon(8) will run unprivileged +# and can't create the pidfile and drop privileges +: ${webauthn_demo_runas:="builder"} command="/usr/sbin/daemon" -command_args="-r -S -t ${title} -P ${pidfile} ${exec_path}" +command_args="-r -S -t ${title} -P ${pidfile} -u ${webauthn_demo_runas} ${exec_path}" run_rc_command "$1"