[EMAIL PROTECTED] wrote:
> I am a bit nervous running my fcgi django server as root. Is there a
> way of downgrading the process to another user id ? As I understand,
> execution does not run through the web server anymore (which is running
> as nobody)
I'm not a unix admin but I've managed to make it work on my FreeBSD
hosting and on my client's Debian. On FreeBSD I use "su username -c
'...'" and on Debian there is a "-c username" option for
start-stop-daemon script.
Attaching my scripts for FreeBSD's /etc/rc.d and Debian's /etc/init.d.
The latter is best made out of template /etc/init.d/skeleton be copying
it and changing paths, script names and tweaking d_start and d_stop.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---
#! /bin/sh
### BEGIN INIT INFO
# Provides: my_server_fcgi
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: S 0 1 6
# Short-Description: Django FastCGI daemon
# Description: This file should be used to construct scripts to be
# placed in /etc/init.d.
### END INIT INFO
set -e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Django FastCGI daemon"
NAME=manage.py
DAEMON=/path/to/$NAME
SCRIPTNAME=/etc/init.d/my_server_fcgi
PIDFILE=/var/run/django/fcgi.pid
MINSPARE=1
MAXSPARE=10
MAXCHILDREN=100
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
#
# Function that starts the daemon/service.
#
d_start() {
start-stop-daemon --start --quiet -c username --pidfile=$PIDFILE \
--exec $DAEMON -- runfcgi socket=/path/to/socket daemonize=true
\
pidfile=$PIDFILE \
minspare=$MINSPARE maxspare=$MAXSPARE maxchildren=$MAXCHILDREN
\ method=prefork \
|| echo -n " already running"
}
#
# Function that stops the daemon/service.
#
d_stop() {
start-stop-daemon --stop --quiet -c username --pidfile=$PIDFILE \
|| echo -n " not running"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
d_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
d_stop
echo "."
;;
restart|force-reload)
#
# If the "reload" option is implemented, move the "force-reload"
# option to the "reload" entry above. If not, "force-reload" is
# just the same as "restart".
#
echo -n "Restarting $DESC: $NAME"
d_stop
# One second might not be time enough for a daemon to stop,
# if this happens, d_start will fail (and dpkg will break if
# the package is being upgraded). Change the timeout if needed
# be, or change d_stop to have start-stop-daemon use --retry.
# Notice that using --retry slows down the shutdown process somewhat.
sleep 2
d_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
exit 0
#!/bin/sh
#
# PROVIDE: my_server_fcgi
# REQUIRE: LOGIN cleanvar pgsql
. /etc/rc.subr
name="my_server_fcgi"
rcvar=`set_rcvar`
host="127.0.0.1"
port="8882"
pidfile="/var/run/django_fcgi/${name}.pid"
procname="/usr/local/bin/python"
command="/path/to/manage.py"
start_cmd="echo \"Starting ${name}.\"; su username -c '${command} runfcgi
host=${host} port=${port} daemonize=true pidfile=${pidfile}'"
timeout=300
load_rc_config $name
run_rc_command "$1"
