Author: gabrielhurley
Date: 2010-10-18 19:58:03 -0500 (Mon, 18 Oct 2010)
New Revision: 14276
Modified:
django/trunk/docs/howto/deployment/fastcgi.txt
Log:
Fixed #7616 -- Added advice on unix socket permissions and umasks to fastcgi
deployment documentation. Thanks to Malcolm Tredinnick for the report and
advice, and PaulM and cramm for reviewing the patch.
Modified: django/trunk/docs/howto/deployment/fastcgi.txt
===================================================================
--- django/trunk/docs/howto/deployment/fastcgi.txt 2010-10-19 00:28:00 UTC
(rev 14275)
+++ django/trunk/docs/howto/deployment/fastcgi.txt 2010-10-19 00:58:03 UTC
(rev 14276)
@@ -110,7 +110,15 @@
Running a preforked server on a Unix domain socket::
./manage.py runfcgi method=prefork socket=/home/user/mysite.sock
pidfile=django.pid
+
+.. admonition:: Socket security
+ Django's default umask requires that the webserver and the Django fastcgi
+ process be run with the same group **and** user. For increased security,
+ you can run them under the same group but as different users. If you do
+ this, you will need to set the umask to 0002 using the ``umask`` argument
+ to ``runfcgi``.
+
Run without daemonizing (backgrounding) the process (good for debugging)::
./manage.py runfcgi daemonize=false socket=/tmp/mysite.sock maxrequests=1
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-upda...@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
