On Apr 12, 2011, at 11:59 AM, Eric Wong wrote: > I'll make that more robust and release > 3.6.0 sometime this week with (hopefully) a few other minor > improvements.
Great. This is apparently an infrequent circumstance (uncommon configuration?), but there will be a next person who does this (or comparable silliness). >> Thanks for your reply, I'm off to comment on the GitHub blog post to >> try to warn others to use Unicorn::Worker#user instead of the example >> code in after_fork. > > Thanks, that seems to be a general problem with people relying on > blog/mailing list posts instead of consistently updated documentation. Indeed, but I read most of the unicorn docs, and examples/unicorn.conf.rb in 3.3.1 doesn't mention Unicorn::Worker#user, so I remained unaware until I read through worker.rb. Hey, I can help here. Here's a patch: >From de3178d98c81de3c8765cebd579ef3f7dd4b2d64 Mon Sep 17 00:00:00 2001 From: Emmanuel Gomez <[email protected]> Date: Tue, 12 Apr 2011 15:36:36 -0700 Subject: [PATCH] Document Unicorn::Worker#user in example unicorn conf. --- examples/unicorn.conf.rb | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/examples/unicorn.conf.rb b/examples/unicorn.conf.rb index 28a9e65..8b7ad47 100644 --- a/examples/unicorn.conf.rb +++ b/examples/unicorn.conf.rb @@ -84,4 +84,8 @@ after_fork do |server, worker| # and Redis. TokyoCabinet file handles are safe to reuse # between any number of forked children (assuming your kernel # correctly implements pread()/pwrite() system calls) + + # if running the master process as root and the workers as an unprivileged + # user, do this to switch euid/egid in the workers (also chowns logs): + # worker.user("unprivileged_user", "unprivileged_group") end -- 1.7.3.4 _______________________________________________ Unicorn mailing list - [email protected] http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
