OS X Quagga start at boot

Hi all,

I've got a Mac OS X 10.5.5 server that needs to use Quagga (zebra/bgpd) for it's routing.
Quagga itself is running fine when started by root and it's set to run as the quagga user.

The problem is that I can't get the daemons to start using LaunchDeamons and I get the following error:

bind: Permission denied

I assume this is because the daemon (in this case zebra) needs to bind to a socket, but no matter what I do it seems to have this problem.

I've tried several plist setups, but all to no avail.

Has anyone managed to get this to work?

Cheers
Skip
schipmolderAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DJDecayCommented:
have you tried setuid root on the binary?
0
schipmolderAuthor Commented:
I hadn't, but just tried it and same error.

The plist I'm using now is:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs$
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>zebra</string>
        <key>OnDemand</key>
        <false/>
        <key>Program</key>
        <string>/usr/local/sbin/zebra</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/local/sbin/zebra</string>
                <string>-d</string>
        </array>
</dict>
</plist>

0
DJDecayCommented:
/sbin/launchd is prob not running as root
otherwise you could specify

UserName <string>
     This optional key specifies the user to run the job as. This key is only applicable when launchd is
     running as root.

GroupName <string>
     This optional key specifies the group to run the job as. This key is only applicable when launchd is
     running as root. If UserName is set and GroupName is not, the the group will be set to the default
     group of the user.

zebra is supposed to drop root priv on it's own and become the zebra uid after it binds the privileged port. So root should be a good choice for both.

do a 'ps' for launchd and see if its running as root or some whacked out _securityagent  user
check this out for reference.

http://developer.apple.com/technotes/tn2005/tn2083.html


0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

schipmolderAuthor Commented:
Yeah, well launchd is running as root and when I start zebra manually (as root) it does drop to the 'quagga' user nicely, but the plist below only causes the same permissions error as before plus the "Throttling respawn: Will start in 10 seconds" message.

I've already looked at the tech note, but as far as I can see it should all work. Apparently I'm missing something thought.


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
      <key>Label</key>
      <string>zebra</string>
      <key>OnDemand</key>
      <false/>
      <key>Program</key>
      <string>/usr/local/sbin/zebra</string>
      <key>ProgramArguments</key>
      <array>
            <string>/usr/local/sbin/zebra</string>
            <string>-d</string>
      </array>
      <key>UserName</key>
      <string>root</string>
</dict>
</plist>

0
DJDecayCommented:
Group
0
DJDecayCommented:
You need UID and GID
0
schipmolderAuthor Commented:
Hi DJDecay,

Sorry for the delay, I had some other things to sort out before I could get back to this one.

Ok, I now have the following plist, but not sure what groupname to use.
With this plist I get the exact same permissions error by the way.
   

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>zebra</string>
        <key>OnDemand</key>
        <false/>
        <key>Program</key>
        <string>/usr/local/sbin/zebra</string>
        <key>ProgramArguments</key>
        <array>
                <string>/usr/local/sbin/zebra</string>
                <string>-d</string>
        </array>
        <key>UserName</key>
        <string>root</string>
        <key>GroupName</key>
        <string>wheel</string>
</dict>
</plist>

0
schipmolderAuthor Commented:
Does anyone have any ideas?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Mac OS X

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.