1

I have coturn running on a server and it runs as usual systemd process as user root.

Can someone tell me how I could make coturn run as user coturn ?

p.s. could someone modify the Tags and add coturn , turn and sturn because I need 300 reputation for this, and I have only 225-

A.B
  • 9,037
  • 2
  • 19
  • 37
Max Muster
  • 297
  • 1
  • 5
  • 26
  • 1
    (after checking): coturn on debian 9, available as a sysv init start script, starts as root (even if there appears to be some preliminary settings for user turnserver). coturn on Debian 10 runs as user turnserver. So does that mean you are running Debian 9 rather than Debian 10? – A.B Dec 22 '20 at 20:50
  • I run a Debian 9 but I'l check if I can upgrade coturn. – Max Muster Dec 23 '20 at 14:21
  • Don't try to mix a package from Debian 10 on Debian 9. I could see two options: backport the package(s) from buster to stretch, or just steal the coturn.service from buster and adapt it to stretch (if any needed at all). Oh and of course a 3rd option: upgrade the system to Debian 10. – A.B Dec 23 '20 at 15:26
  • 1
    Just noticed there's a coturn in stretch-backports already – A.B Dec 23 '20 at 15:47

1 Answers1

2

OP is running Debian 9. On Debian 9, the coturn package has a start script (only) available as sysv init script, and while the start scripts already takes some actions in relation to user turnserver, coturn is still run as root.

On Debian 10, while the same sysv script will probably behave the same, there's also a coturn.service file, which starts coturn with User=turnserver and Group=turnserver, so systemd will use it.

The good news is that there's already a stretch-backport version of this package, currently version 4.5.1.0-1~bpo9+1. So one just has to add the stretch-backports repository and upgrade the coturn package, as documented there: https://backports.debian.org/Instructions/ (but using stretch-backports rather than buster-backports).

The service will then run as the dedicated user turnserver.

A.B
  • 9,037
  • 2
  • 19
  • 37