On Wednesday, January 18, 2023 at 4:20:16 AM UTC-5, Al wrote:
> > Finally, I recursively changed the owner of the Mystic directory and files to 
> > root leaving the sysop group unchanged. This worked, no errors. I now am 
> > trying to determine what the correct permission settings for the directories 
> > and folders should be so that I can run Mystic as the sysop user as the owner 
> < and group so that root is not exposed. Is there a way to give the sysop user 
> > permissions to the ethernet ports so Mystic can use the IP ports when 
> > running as the sysop user?
> I use setcap here to give a server access to ports below 1024. 
> 
> You need to be root (or use sudo) to run this command. 
> 
> sudo setcap 'cap_net_bind_service=+ep' /mystic/mis 
> 
> You can then use getcap to check that mis has the permisions to open those 
> ports. There is a write here on the synchronet wiki. 
> 
> https://wiki.synchro.net/howto:linux_non-root 
> 
> It talks about this and other methods. 
> 
> If you happen to run mis or mutil as root you can end up with these kind of 
> permissions issues so best not to do that. :)
Thank you g00r00 and Al. I appreciate your help and have it working except nodespy.

With /mystic owner as user:user and running mis with "sudo ./mis server", I did see in the node's temp directory that the exported message was owned by the BBS user that owns mystic and not root.  However, I received the errors in the log, "Cannot find 
arctype" and "is not a valid PKT".

After I ran "sudo setcap 'cap_net_bind_service=+ep' /mystic/mis" as suggested by Al, I could start mystic running with "./mis server" and binkp and telnet was able to bind to IPV4.  Mutil is now able to run without errors! This is with /mystic owner as 
user:user not root:user.

Success! Thank you!

The only issue left is nodespy.  When I run nodespy with or without sudo, it is unable to establish a snoop session.  Do you have any suggestions to get this to work?

Gandalf

--- SoupGate-Win32 v1.05