Have main processes run as non-priveledged user

[gaenserich]

Instead of having all of hostsblock run as root, have only the needed processes do so, e.g.

• sending signals to any dnscachers to restart
• write to files under /etc

Will sudo work for these other situations, or is there another method?

[pickfire]

I think sudo is the best method. Using su at one point of the code is nice too, just to let the users know that they are changing something that is important.

[pickfire]

I will work on this in the future branch, what I will do in order (probably):

• Becoming root is optional
• dnsmasq configuration is changed optionally
• Simplify the code into a single script
• Use a simple Makefile instead of a script
• Make it available for different distros
• Write the manual pages

[Sadi58]

Sounds great!
Maybe when simplifying the code into a single script you could also address the issue I've raised about checking the online sources for any changes first, and then going ahead with updating those with changes (e.g. 2 separate functions)

[pickfire]

@Sadi58 I will, just leave it to me, the code is a bit long too, need to shorten it a bit.

[pickfire]

@gaenserich When I am reading the code, I found all those debugging info very annoying, by the way, can I just remove those extra useless code? It is a lot easier to debug with set -x.

And I will remove those lines which aren't really needed so hostsblock can be really runned as a script.
But I will work on this in the future branch.

[gaenserich]

Feel free to start a branch (1.1 ?) for your debugging clean ups. What precisely do you mean by "running as a script"?: -Remove "source" calls to hostsblock-common.sh? I'm all for simplification, but moving the functions in hostsblock-common.sh will actually lead to additional duplication between hostsblock.sh and hostsblock-urlcheck.sh (they both have certain functions in common) -Be able to run the script directly from the command line? That you can already do as root (you don't have to run it via systemd or cron. -Run it just as "hostsblock.sh" instead of "hostsblock"? There's not substantive difference between the two.

[pickfire]

Yeah, I mean to use only one script for everything with the support of running uninteractively (cronjob-friendly).

[gaenserich]

hostsblock is already cronjob friendly. Just configure hostsblock.conf and enter it into the crontab or symlink it into your cron.daily directory or the like. Or did you mean that hostsblock-urlcheck should also be included into the main script?

[pickfire]

Yeah, I would like to include hostsblock-urlcheck in the main script too.

[pickfire]

Yeah, I would like to include hostsblock-urlcheck in the main script too.

[Wabuo]

Let's look how the guys behind Yaourt did it maybe we can Learn something.

[gaenserich]

Fixed. Now uses user "hostsblock", and possible to (in the future) secure it down further using chroot.
a28f19c