That's what I thought, but I set permissions to 777 for the entire Mystic folder, and that didn't solve it.
Error loading prelogin.mnu
Could it be a permission problem?
That's what I thought, but I set permissions to 777 for the entire
Mystic folder, and that didn't solve it.
This way, MIS can be started with a regular user and still be able to
bind to a low port, without root privilege.
It's permission dropping - what older (maybe current?) Apache does/did
as well. It's certainly not a best practice, and has been known for many years.
Stack is right on both accounts. You can set the caps and not worry
about security, or run as root and cross your fingers.
ogg, Accession, NuSkooler, thanks guys. I installed with sudo, and then
I was locally logged in to Mystic while I was logged into sudo.
The way I got this resolved was by installed mystic in a subfolder from
my home folder. g00r00 said to do that in some documentation that I overlooked.
I know it didn't used to be that way - because my old bbs is installed
in /var/www. So something is weird about that folder issue to me, but at least the problem is solved.
MIS should not be run as root.
Okay. Whatever. While opinions are like assholes, this is another topic completely. What I was asking him is if he DID run it as root (even just once) it would ruin his permissions if in the future he started running
it as a regular user, or even using sudo.
You should use setcap instead to provide the MIS binary the capability to bind to privileged port using this command:
sudo setcap 'cap_net_bind_service=+ep' /path/to/mis
This way, MIS can be started with a regular user and still be able to bind to a low port, without root privilege.
Thank you, Mr. Linux Guru.
...and all I was trying to say is even if you use sudo to start MIS, it binds to the low ports and passes permissions off to the user that used sudo immediately after. It was done on purpose by the developer himself. You can take it up with him if you want to argue about what should and shouldn't be done. *shrug*
To be fair, Synchronet also does this. And it seems so does just about anything that uses systemd if you use the USER and GROUP keywords in
your .service file. So you may as well tell all those people how they should do it, too. ;)
You should use setcap instead to provide the MIS binary the capabilit to bind to privileged port using this command:
This is the way... :>
Otherwise when setting up your port forward, redirect it to a high port
of something like 2023.
You should not set 777 to files except in some rare occasions.
Regular files should be 644 and directory 755 (depending on the need, you may have to tweak this on a case by case basis).
Thanks for that tip! I felt like it was mistake but at the time I was
just trying everything.
This way, MIS can be started with a regular user and still be able to bind to a low port, without root privilege.
And it prevents a lot of odd problems, for example trying to run dos doors.
That's what I thought, but I set permissions to 777 for the entire Mystic folder, and that didn't solve it.
Also, when you run './mis -daemon' are you running it as root or with sudo? I believe you need to run it with sudo as the user you want the
MIS should not be run as root.
You should use setcap instead to provide the MIS binary the capability
to bind to privileged port using this command:
sudo setcap 'cap_net_bind_service=+ep' /path/to/mis
This way, MIS can be started with a regular user and still be able to
bind to a low port, without root privilege.
sudo immediately after. It was done on purpose by the developer himself. You can take it up with him if you want to argue about what should and shouldn't be done. *shrug*
You should use setcap instead to provide the MIS binary the capability
to bind to privileged port using this command:
Error loading prelogin.mnu
Could it be a permission problem?
That's what I thought, but I set permissions to 777 for the entire Mystic folder, and that didn't solve it.
Not so much 777 or chmod. Did you install as root and are now trying to login as a user? If you do "ls -alh" in the Mystic folder who are the files owned by, and what group?
Also, when you run './mis -daemon' are you running it as root or with sudo? I believe you need to run it with sudo as the user you want the
BBS to run under. Mystic will automatically bind to lower ports and then give permissions over to said user.
That's what I thought, but I set permissions to 777 for the entire My folder, and that didn't solve it.
You should not set 777 to files except in some rare occasions.
Regular files should be 644 and directory 755 (depending on the need,
you may have to tweak this on a case by case basis).
Accession did mention something interesting which I didn't know and need to go validate, apparently MIS drops root privileges after bind, I need
to check this out.
Accession did mention something interesting which I didn't know and n to go validate, apparently MIS drops root privileges after bind, I ne to check this out.
It does, but it's not a silver bullet. Some issues remain.
For example, if you try running a dos door, you'll get an error about how /root/.dosemu doesn't exist (in spite of allegedly running as a non-root user). So I don't think it's smart to run with sudo or anything as there are gremlins here and there.
Sysop: | tracker1 |
---|---|
Location: | Phoenix, AZ |
Users: | 54 |
Nodes: | 25 (0 / 25) |
Uptime: | 179:52:46 |
Calls: | 367 |
Files: | 1,364 |
Messages: | 36,299 |