My only problem with Maurit's technique is that it leaves the daemon able to write into its own code space.
Instead, I'd make sure that all the .pyc files have been generated, then change the owner of everything but ./var (and ./logs if it's separate) to some identity other than the daemon operator. Steve On Tue, Aug 19, 2008 at 2:54 PM, Maurits van Rees < [EMAIL PROTECTED]> wrote: > afewtips.com, on 2008-08-19: > > > > I am doing my first buildout and everything works perfectly until... > > > > sudo ./bin/instance fg > > I have changed the effective user, the user name... all the same. Do I > need > > to create a zope user or can I run the instance under my login (which is > > admin rights)? > > The user running zope should not have too much rights. That at least > means he should not be root. You can debate which unix groups the > user is allowed to be in. > > The only reason I know for starting the instance as root with the > effective user set, is if you want your zope instance available at a > port number below 1024 (that range is reserved for root). But you > have port 8080 so that is not necessary. > > In all buildouts I have used so far: > - I have created the buildout as normal user. > - I have not set effective user. > - I have started the instance as normal user. > - I have not used sudo or su for starting the instance. > > -- > Maurits van Rees | http://maurits.vanrees.org/ > Work | http://zestsoftware.nl/ > "This is your day, don't let them take it away." [Barlow Girl] > > > _______________________________________________ > Setup mailing list > [email protected] > http://lists.plone.org/mailman/listinfo/setup > -- Steve McMahon Reid-McMahon, LLC [EMAIL PROTECTED] [EMAIL PROTECTED]
_______________________________________________ Setup mailing list [email protected] http://lists.plone.org/mailman/listinfo/setup
