PID file for prosody is writeable by the prosody user
According to the OpenRC docs, PID files should be writeable only by root, but when prosody is run using the packaged service script, /run/prosody
and /run/prosody/prosody.pid
both have user and group prosody
:
# stat /run/prosody
File: /run/prosody
Size: 60 Blocks: 0 IO Block: 4096 directory
Device: 100074h/1048692d Inode: 131 Links: 2
Access: (0770/drwxrwx---) Uid: ( 101/ prosody) Gid: ( 102/ prosody)
Access: 2023-05-24 19:23:15.298571780 -0700
Modify: 2023-05-24 18:20:32.740457094 -0700
Change: 2023-05-24 18:20:32.740457094 -0700
# stat /run/prosody/prosody.pid
File: /run/prosody/prosody.pid
Size: 3 Blocks: 8 IO Block: 4096 regular file
Device: 100074h/1048692d Inode: 132 Links: 1
Access: (0770/-rwxrwx---) Uid: ( 101/ prosody) Gid: ( 102/ prosody)
Access: 2023-05-24 18:20:32.904452480 -0700
Modify: 2023-05-24 18:20:32.904452480 -0700
Change: 2023-05-24 18:20:32.904452480 -0700