On Fri, Oct 23, 2009 at 8:57 AM, Grzegorz Nosek <[email protected]> wrote:
> On Fri, Oct 23, 2009 at 08:33:28AM -0700, Roger Hoover wrote: > > I'm most of the way there on #2. The issue is that as far as I can tell > > there's no way to find out the umask for a user so I don't automatically > > know what permissions to chmod the FCGI socket with. Now, the choices > are > > > > a) Don't chmod the FCGI socket, just chown it to the uid/gid of the user > the > > process will run as > > > > b) Add socket_chown, socket_chmod args that only apply to unix domain > > sockets. This allows the most control for the user but the fact that the > > params don't always make sense is a bit awkward. > > > > [fcgi-program:test] > > command=/foo/bar.fcgi > > socket=unix:///tmp/test.socket > > socket_chown=rhoover:wheel ; this option would only apply to unix domain > > sockets > > socket_chmod=0777 ; this option would only apply to unix domain sockets > > user=nobody > > process_name=foo_%(process_num)s > > numprocs=2 > > > > Anyone have an opinion here? > > I'm for explicit owner and mode options. Apache-style FastCGI wrappers > are a pain. > Thanks. I was leaning this direction. > > Also, my vote would go to naming these options "socket_owner" and > "socket_mode" (or "socket_perm(s)"?) as I've heard enough of "setting > chmods" in my day ;) > That makes sense but I'm going for consistency with the existing unix_http_server section of the config. http://supervisord.org/manual/current/configuration.html#unix_http_server > > Best regards, > Grzegorz Nosek >
_______________________________________________ Supervisor-users mailing list [email protected] http://lists.supervisord.org/mailman/listinfo/supervisor-users
