如何在不使用root的情况下运行超级用户?


8

我似乎很难弄清楚为什么超级用户不能以非root用户身份运行。如果在用户设置为jason(pid 1000)的情况下启动它,则会在日志文件中得到以下内容:

2010-05-24 08:53:32,143 CRIT Set uid to user 1000
2010-05-24 08:53:32,143 WARN Included extra file "/home/jason/src/tsched/celeryd.conf" during parsing
2010-05-24 08:53:32,189 INFO RPC interface 'supervisor' initialized
2010-05-24 08:53:32,189 WARN cElementTree not installed, using slower XML parser for XML-RPC
2010-05-24 08:53:32,189 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2010-05-24 08:53:32,190 INFO daemonizing the supervisord process
2010-05-24 08:53:32,191 INFO supervisord started with pid 3444

...然后该进程死于某种未知原因。如果我不使用sudo(在用户jason下)启动它,则会得到类似的输出:

2010-05-24 08:51:32,859 INFO supervisord started with pid 3306
2010-05-24 08:52:15,761 CRIT Can't drop privilege as nonroot user
2010-05-24 08:52:15,761 WARN Included extra file "/home/jason/src/tsched/celeryd.conf" during parsing
2010-05-24 08:52:15,807 INFO RPC interface 'supervisor' initialized
2010-05-24 08:52:15,807 WARN cElementTree not installed, using slower XML parser for XML-RPC
2010-05-24 08:52:15,807 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2010-05-24 08:52:15,808 INFO daemonizing the supervisord process
2010-05-24 08:52:15,809 INFO supervisord started with pid 3397

...而且它仍然无法运行。如果有帮助,这是我正在使用的supervisord.conf文件:

[unix_http_server]
file=/tmp/supervisor.sock   ; path to your socket file

[supervisord]
logfile=./supervisord.log ; supervisord log file
logfile_maxbytes=50MB       ; maximum size of logfile before rotation
logfile_backups=10          ; number of backed up logfiles
loglevel=debug ; info, debug, warn, trace
pidfile=./supervisord.pid ; pidfile location
nodaemon=false              ; run supervisord as a daemon
minfds=1024                 ; number of startup file descriptors
minprocs=200                ; number of process descriptors
user=jason ; default user
childlogdir=./supervisord/            ; where child log files will live


[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
serverurl=unix:///tmp/supervisor.sock ; use unix:// schem for a unix sockets.

[include]

# Uncomment this line for celeryd for Python
files=celeryd.conf

# Uncomment this line for celeryd for Django.
;files=django/celeryd.conf

...这是celeryd.conf:

[program:celery]
command=bin/celeryd --loglevel=INFO --logfile=./celeryd.log

environment=PYTHONPATH='./tsched_worker',
            JIVA_DB_PLATFORM='oracle',
            ORACLE_HOME='/usr/lib/oracle/xe/app/oracle/product/10.2.0/server',
            LD_LIBRARY_PATH='/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/lib',
            TNS_ADMIN='/home/jason',
            CELERY_CONFIG_MODULE='tsched_worker.celeryconfig'

directory=.
user=jason
numprocs=1
stdout_logfile=/var/log/celeryd.log
stderr_logfile=/var/log/celeryd.log
autostart=true
autorestart=true
startsecs=10

; Need to wait for currently executing tasks to finish at shutdown.
; Increase this if you have very long running tasks.
stopwaitsecs = 600

; if rabbitmq is supervised, set its priority higher
; so it starts first
priority=998

谁能帮我弄清楚发生了什么事?


您是否触底?
2014年

Answers:


2

尝试注释掉此参数。如果未指定用户,则该用户应以启动该过程的用户ID运行。

user=jason ; default user

1

我对主管本人还很陌生,但我也正尝试使其与celeryd一起使用。现在,我很高兴supervisor能以root用户身份运行,就像使用init.d脚本运行一样。

无论如何,请查看超级用户的日志和错误日志文件。里面有什么?在Ubuntu 10.10上,它们位于/var/log/supervisor/supervisord.log。您可以在supervisorctl中使用命令“ maintail”进行查看。


1

也许有些无关,但请确保您不会犯与我相同的错误。我有一堆试图用作非root用户的目录和文件(日志文件),这些目录和文件意外地已经由root拥有,因此无法继续以非root用户身份进行监视。在这里写博客

By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.