[EMAIL PROTECTED] wrote: > I am a bit nervous running my fcgi django server as root. Is there a > way of downgrading the process to another user id ? As I understand, > execution does not run through the web server anymore (which is running > as nobody)
I'm not a unix admin but I've managed to make it work on my FreeBSD hosting and on my client's Debian. On FreeBSD I use "su username -c '...'" and on Debian there is a "-c username" option for start-stop-daemon script. Attaching my scripts for FreeBSD's /etc/rc.d and Debian's /etc/init.d. The latter is best made out of template /etc/init.d/skeleton be copying it and changing paths, script names and tweaking d_start and d_stop. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
#! /bin/sh ### BEGIN INIT INFO # Provides: my_server_fcgi # Required-Start: $local_fs $remote_fs # Required-Stop: $local_fs $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: S 0 1 6 # Short-Description: Django FastCGI daemon # Description: This file should be used to construct scripts to be # placed in /etc/init.d. ### END INIT INFO set -e PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DESC="Django FastCGI daemon" NAME=manage.py DAEMON=/path/to/$NAME SCRIPTNAME=/etc/init.d/my_server_fcgi PIDFILE=/var/run/django/fcgi.pid MINSPARE=1 MAXSPARE=10 MAXCHILDREN=100 # Gracefully exit if the package has been removed. test -x $DAEMON || exit 0 # # Function that starts the daemon/service. # d_start() { start-stop-daemon --start --quiet -c username --pidfile=$PIDFILE \ --exec $DAEMON -- runfcgi socket=/path/to/socket daemonize=true \ pidfile=$PIDFILE \ minspare=$MINSPARE maxspare=$MAXSPARE maxchildren=$MAXCHILDREN \ method=prefork \ || echo -n " already running" } # # Function that stops the daemon/service. # d_stop() { start-stop-daemon --stop --quiet -c username --pidfile=$PIDFILE \ || echo -n " not running" } case "$1" in start) echo -n "Starting $DESC: $NAME" d_start echo "." ;; stop) echo -n "Stopping $DESC: $NAME" d_stop echo "." ;; restart|force-reload) # # If the "reload" option is implemented, move the "force-reload" # option to the "reload" entry above. If not, "force-reload" is # just the same as "restart". # echo -n "Restarting $DESC: $NAME" d_stop # One second might not be time enough for a daemon to stop, # if this happens, d_start will fail (and dpkg will break if # the package is being upgraded). Change the timeout if needed # be, or change d_stop to have start-stop-daemon use --retry. # Notice that using --retry slows down the shutdown process somewhat. sleep 2 d_start echo "." ;; *) echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 exit 3 ;; esac exit 0
#!/bin/sh # # PROVIDE: my_server_fcgi # REQUIRE: LOGIN cleanvar pgsql . /etc/rc.subr name="my_server_fcgi" rcvar=`set_rcvar` host="127.0.0.1" port="8882" pidfile="/var/run/django_fcgi/${name}.pid" procname="/usr/local/bin/python" command="/path/to/manage.py" start_cmd="echo \"Starting ${name}.\"; su username -c '${command} runfcgi host=${host} port=${port} daemonize=true pidfile=${pidfile}'" timeout=300 load_rc_config $name run_rc_command "$1"