# Service and user nobody



## Nutz (Nov 11, 2020)

Hello all,

Hope you are all fine !

I have a question concerning the nobody user, i used to install an exporter prometheus on old FreeBSD 11.1 server.
I'm able to start without any issues the node_exporter service.

But it's different with FreeBSD12.1, I'm not able to do it until I change the :

```
: ${node_exporter_user:="nobody"}
: ${node_exporter_group:="nobody"}
```

with user & group root..which I would like to avoid.

I got the error :

```
Starting node_exporter.
su: /usr/local/bin/zsh: Permission denied
/usr/local/etc/rc.d/node_exporter: WARNING: failed to start node_exporter
```

The only one what is able to start is ctld_exporter cause its build from go language.
`goprogram_user="nobody"`

I checked all permission and that's sound corrects...

br,
!!!


----------



## SirDice (Nov 11, 2020)

Nutz said:


> i used to install an exporter prometheus


Which one exactly? I found several and they all seem to have different scripts.


----------



## Nutz (Nov 12, 2020)

Hi Sirdice,

this one :sysutils/node_exporter


----------



## SirDice (Nov 12, 2020)

Great, now I can read the actual rc too. Looking through it the rc(8) script is not the one doing the su(1), so I suspect it's the node exporter code itself that does this. It looks like they're not using the `-m` option. 


```
root@williscorto:~ # su nobody
This account is currently not available.
root@williscorto:~ # su -m nobody
You have mail.
nobody@williscorto:~ %
```

The nobody account cannot be used as a login shell because it has /usr/sbin/nologin. Don't be tempted to change the account, there's a very good reason why this is not allowed.


----------



## Nutz (Nov 12, 2020)

Hi,

Thanks for the details.

But the issue may not be related to the exporter itself...
I tried to 
	
	



```
su nobody
```
 and i got this error message :


```
su: /usr/sbin/nologin: Permission denied
```

EDIT: I just try with a fresh install of FBSD12 and dont have any errors, im able to launch node_exporter with user nobody as expected.
So there is something wrong with the others filers installed via mfsbsd and kernel/base.txz..


----------



## 0mp (Nov 16, 2022)

Nutz said:


> I tried to
> 
> 
> 
> ...


Could it be that /usr/sbin/nologin ended up without the execute bit permission (i.e., the bits that you can set with `chmod`)?


----------

