On Wed, Jun 13, 2012 at 10:36 AM, Mark Huang <[email protected]> wrote: > Hi all, > > I recently transferred all my code to a production server and was trying to > start my application as another user. I am using Debian and running as root. > I entered the following command: > > pserve production.ini --user=www-data --group=www-data start > > This caused an import error: "No module named resource" > > I thought I didn't install the necessary packages to run my application so I > re downloaded everything again as root. It still didn't work. I'm thinking > if this has to do with a permissions issue, www-data user doesn't have access > to the modules in my virtual environment created by the root user. > > However if I just run pserve production.ini start, I get no such errors. Can > anybody help me?
It sounds like you're on the right track. The virtualenv needs to be readable by the user and/or group the program is running as. Even if certain modules have already been imported by the time pserve drops privileges, you'll still run into trouble with application supplemental modules. When you run 'pserve' without switching users, the virtualenv files are readable, so the problem doesn't arise. I set up my production directory like this: data/ -- Real-time data files, readable/writeable by www-data. apps/ -- Version-controlled application files, readable by www-data static/ -- Non-version-controlled application files (maintained manually or via cron jobs), readable by www-data. venv/ -- Virtual environments, readable by www-data. Each application has a subdirectory under these; e.g., data/app1/ . That way the permissions are simple and easy to audit: everything gets "normal" permissions except the 'data' directory. -- Mike Orr <[email protected]> -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
