User to run ${command} as, using su(1) does not work for all reasons

[Volker Theile]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hello,

i came across the following problem while trying to run
transmission-daemon using user 'transmission'. When i modify the
transmission rc-script to use another user than root for execution i
added:

transmission_user=${transmission_user:-"transmission"}

Because there is not done a full login the transmission daemon tries
to create its config dir in /root/.config/transmission_daemon which
fails due missing permissions.

To fix that issue i modified the rc.subr file to allow the rc-script
to modify the 'su' option parameter.

transmission_suopt=${transmission_suopt:-"-l"}

rc.subr:

...
#    ${name}_groups    n    Comma separated list of supplementary groups
#                to run the chrooted ${command} with.
#                Requires /usr to be mounted.
#
#    ${name}_suopt    n    Command parameter for 'su'. Default is '-m'.
#
#    ${rc_arg}_cmd    n    If set, use this as the method when invoked;
#                Otherwise, use default command (see below)
...
eval _chdir=\$${name}_chdir    _chroot=\$${name}_chroot \
        _nice=\$${name}_nice    _user=\$${name}_user \
        _group=\$${name}_group    _groups=\$${name}_groups \
        _suopt=\$${name}_suopt

    if [ -n "$_user" ]; then    # unset $_user if running as that user
        if [ "$_user" = "$(eval $IDCMD)" ]; then
            unset _user
        fi
    fi

    if [ -z "$_suopt" ]; then # set default value
        _suopt="-m"
    fi
...
# setup the full command to run
                    #
            echo "Starting ${name}."
            if [ -n "$_chroot" ]; then
                _doit="\
${_nice:+nice -n $_nice }\
chroot ${_user:+-u $_user }${_group:+-g $_group }${_groups:+-G $_groups }\
$_chroot $command $rc_flags $command_args"
            else
                _doit="\
${_chdir:+cd $_chdir && }\
$command $rc_flags $command_args"
                if [ -n "$_user" ]; then
                    _doit="su $_suopt $_user -c 'sh -c \"$_doit\"'"
                fi
                if [ -n "$_nice" ]; then
                    if [ -z "$_user" ]; then
                        _doit="sh -c \"$_doit\""
                    fi   
                    _doit="nice -n $_nice $_doit"
                fi
            fi
...
_run_rc_killcmd()
{
    local _cmd

    _cmd="kill -$1 $rc_pid"
    if [ -n "$_user" ]; then
        _cmd="su ${_suopt} ${_user} -c 'sh -c \"${_cmd}\"'"
    fi
    echo "$_cmd"
}

Is there another way to get this working without modifying rc.subr?

Regards
Volker
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iEYEARECAAYFAkj+SP0ACgkQzsRXLGDcg0ot4ACfUtlJm17DkZIn23JIfKIBcVQO
sMUAmQEwMc+dWU0QEdwqri82ZQtM4pM8
=s953
-----END PGP SIGNATURE-----