On Dec 15, 2006, at 3:07 PM, Bill wrote:
> > The "Pylons Deployment with Daemontools" tutorial is great! > (http://pylonshq.com/project/pylonshq/wiki/DaemonTools) The only > snag I > ran into was in the /service/test/run script: > > #!/bin/sh > exec setuidgid myuser /home/myuser/bin/python -u server.py > > It turns out that on my system myuser belongs to more than one file > permissions group because some of the static files being served by my > pylons app are assigned to different permissions groups from older > applications. The run script, above, uses the setuidgid program from > daemontools so that the pylons server is not running as root in > production. The deamontools' docs state, "setuidgid sets its uid and > gid to account's uid and gid, removing all supplementary groups." My > problem was that by running without myuser's supplementary groups the > run script got permissions violations for those static files that > belonged to one of those supplementary groups. > > So instead of setuidgid I used sudo, like this: > #!/bin/sh > exec sudo -u myuser /home/myuser/bin/python -u serve.py > > That solved my problem since sudo honors the permissions for myuser's > supplementary groups. > Thanks for the info -- even better would be to add a blurb to the Wiki about it -- you can edit after logging in ;) -- Philip Jenvey --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
