11 Oct
2002
11 Oct
'02
6:53 p.m.
Thanks Jerome, Johan,
it is called for you by PAM when you log in, AFAIK, this is why it works from your command line
That was the missing bit. After following some blind alleys (pam-python seems to be only available for py 1.5 and os.setgroups() is only available in py 2.2) the solution was to run in /etc/init.d/zope 'su www-data -c 'zope-z2 ARGS'' instead of just 'zope-z2 ARGS' so that PAM is called by su. I didn't even have to adjust the zope-z2 script because the os.setuid() is not called when it is not run as root. Data.fs.lock and some other stuff in /var/lib/zope/var is now owned by www-data instead of root, so it is not necessarily best practice but works. Have a nice weekend, -- Holger Blasum