On Fri, 20 Feb 2004, Jan-Kees Fels wrote:> I got rid of the following lines number 3 and 8 hereunder. They were > present in the example xml and I think that they don't belong here > because icecast won't run if chroot is not being used........Lines 3 and 8 specified the beginning and end of a commented out section. The chroot section is commented out since you only need to configure it if you are running it as root (you're encouraged to run it as someone else) and should be edited before use at any rate. Geoff. <p>--- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
Thanks for the superfast reaction.
You got me started thinking.
I got rid of the following lines number 3 and 8 hereunder. They were
present in the example xml and I think that they don't belong here
because icecast won't run if chroot is not being used........
Now it starts. I am very happy about this!!!! :-)
JK
1 <security>
2 <chroot>0</chroot>
3 <!--
4 <changeowner>
5 <user>nobody</user>
6 <group>nogroup</group>
7 </changeowner>
8 -->
9 </security>
<p><p><p>-----Original Message-----
From: owner-icecast@xiph.org [mailto:owner-icecast@xiph.org] On Behalf
Of Enrico Minack
Sent: Friday, February 20, 2004 1:29 PM
To: icecast@xiph.org
Subject: Re: [icecast] icecast 2.0.0 chroot problem
Try this:
<security>
<chroot>1</chroot> <!-- so that chage root is activated
-->
<changeowner>
<user>nobody</user> <!-- this must be an existing
user at
your
system -->
<group>nogroup</group> <!-- this must be an existing
group
at
you rsystem -->
</changeowner>
</security>
</icecast>
Enrico
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body. No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.
<p>--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body. No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.
On Saturday 21 February 2004 00:14, Jan-Kees Fels wrote:> Thanks for the superfast reaction. > > You got me started thinking. > > I got rid of the following lines number 3 and 8 hereunder. They were > present in the example xml and I think that they don't belong here > because icecast won't run if chroot is not being used........ > > Now it starts. I am very happy about this!!!! :-) > > JK > > 1 <security> > 2 <chroot>0</chroot> > 3 <!-- > 4 <changeowner> > 5 <user>nobody</user> > 6 <group>nogroup</group> > 7 </changeowner> > 8 --> > 9 </security> >These lines are the start and end of a commented-out section. They're meant to be here - most users don't run icecast as root. You only need this section if you're running it as root - and you should only be running it as root if you need to run it on a port <= 1024. Mike --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
Hi,
I can run icecast as root and have it switched to another user e.g.
"icecast".
<security>
<chroot>0</chroot>
<changeowner>
<user>icecast</user>
<group>icecast</group>
</changeowner>
</security>
</icecast>
The advantage of this strategy is that the icecast user doesn't have to have
login capabilities at any time. E.g. when for whatever reason you need to
start icecast again, you don't need to give this user (icecast user in my
case) login capabilities.
<p>JK
-----Original Message-----
From: owner-icecast@xiph.org [mailto:owner-icecast@xiph.org] On Behalf Of
Michael Smith
Sent: Monday, February 23, 2004 1:56 AM
To: icecast@xiph.org
Subject: Re: [icecast] icecast 2.0.0 chroot problem
On Saturday 21 February 2004 00:14, Jan-Kees Fels wrote:> Thanks for the superfast reaction.
>
> You got me started thinking.
>
> I got rid of the following lines number 3 and 8 hereunder. They were
> present in the example xml and I think that they don't belong here
> because icecast won't run if chroot is not being used........
>
> Now it starts. I am very happy about this!!!! :-)
>
> JK
>
> 1 <security>
> 2 <chroot>0</chroot>
> 3 <!--
> 4 <changeowner>
> 5 <user>nobody</user>
> 6 <group>nogroup</group>
> 7 </changeowner>
> 8 -->
> 9 </security>
>
These lines are the start and end of a commented-out section. They're meant
to
be here - most users don't run icecast as root. You only need this section
if
you're running it as root - and you should only be running it as root if you
need to run it on a port <= 1024.
Mike
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body. No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.
<p>--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body. No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.