-
- Downloads
Make passenger rubyapp runs as obsapi user.
Passenger's default user is nobody: https://www.phusionpassenger.com/library/config/nginx/reference/#passenger_default_user So that we got Passenger and the RubyApp runs as nobody. However, according to Debian's SystemGroup usage: https://wiki.debian.org/SystemGroups nogroup (user: nobody): Daemons that need not own any files run as user nobody and group nogroup. Thus, no files on a system should be owned by this user or group. So that we should create a new user call 'obapi' and force passenger app to run as obs-api instead. And config files should be readable by that obsapi user but usually not writable. Signed-off-by:Andrew Lee (李健秋) <ajqlee@debian.org>
parent
dff667d0
No related branches found
No related tags found
Showing
- debian/obs-apache2.conf 1 addition, 0 deletionsdebian/obs-apache2.conf
- debian/obs-api.postinst 20 additions, 3 deletionsdebian/obs-api.postinst
- debian/obs-api.postrm 3 additions, 0 deletionsdebian/obs-api.postrm
- debian/rake-tasks.sh 4 additions, 4 deletionsdebian/rake-tasks.sh
- debian/rules 3 additions, 0 deletionsdebian/rules
Please register or sign in to comment