Bug 25481: Pass --user to start-stop-daemon when a pidfile is used
Since D10, the behaviour of start-stop-daemon changed, see from its
manual:
"""
Warning: using this match option with a world-writable pidfile or using it alone with a daemon that writes the pidfile as an unprivileged (non-root) user will be refused with an error (since
version 1.19.3) as this is a security risk, because either any user can write to it, or if the daemon gets compromised, the contents of the pidfile cannot be trusted, and then a privileged
runner (such as an init script executed as root) would end up acting on any system process. Using /dev/null is exempt from these checks.
"""
Test plan:
koha-plack --restart kohadev
should success with this patch.
Without this patch you get:
start-stop-daemon: matching only on non-root pidfile /var/run/koha/kohadev/plack.pid is insecure
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>