Hi Elizabeth,
What user do you recommend to own wotaskd, JavaMonitoir and our apps?
On Mac we would use appserver, but I don't know the preferred route on
Linux.
I'm used to create 2 new unprivileged users and 1 new group:
_ one for running wotaskd, eventualy JavaMonitor and the apps (lauched
by the wotaskd) , user has no shell.
_ one for updating apps, web server resources or frameworks, user got
bash or scponly (a limited shell where user can only use scp or sftp, in
a chroot or not)
The new group is the default for the new users.
For example :
groupadd wo
useradd -s /bin/bash -g wo -c "Added by MYSELF for MYSITE.COM updating
webobjects apps" -d /home/updater updater
useradd -s /bin/false -g wo -c "Added by MYSELF for MYSITE.COM running
webobjects apps" -d /NEXT_ROOT runner
all files in $NEXT_ROOT are owned by root except for:
_ $NEXT_ROOT/Local/logs (for apps & wotaskd) and
$NEXT_ROOT/Local/Library/WebObjects/Configuration (for JavaMonitor)
which are owned by runner
_ $NEXT_ROOT/Local/Library/WebObjects/Applications (and eventualy
$NEXT_ROOT/Local/Library/WebObjects/Extensions) which are owned by updater
Whatever the distribution, I use start-stop-daemon from Debian (provided
with the package of dpkg) to start/stop wotaskd or javamonitor, it's
better than su -c ... cause the user doesn't need a valid shell , also
it create a pid file.
(it start apps using directly the app's script and not javawoservice.sh)
Aurelien
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-deploy mailing list (Webobjects-deploy@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-deploy/archive%40mail-archive.com
This email sent to [EMAIL PROTECTED]
