diff options
author | Eric Wong <normalperson@yhbt.net> | 2009-11-04 08:10:48 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2009-11-04 00:27:47 -0800 |
commit | c81ed9a7e417e15b3c3e0ac500af52841b3f8575 (patch) | |
tree | 115e21a4434c9ef0732ea10fe37391f8dc4f5599 /lib/unicorn | |
parent | e5491062605d1d6bec1c43bfadb5e348c142df8d (diff) | |
download | unicorn-c81ed9a7e417e15b3c3e0ac500af52841b3f8575.tar.gz |
This must be called in the after_fork hook because there may be Ruby modules that'll allow things such as CPU affinity and scheduling class/priority to be set on a per-worker basis. So we give the user the ability to change users at any time during the after_fork hook.
Diffstat (limited to 'lib/unicorn')
-rw-r--r-- | lib/unicorn/configurator.rb | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/lib/unicorn/configurator.rb b/lib/unicorn/configurator.rb index aee4605..dcbf39a 100644 --- a/lib/unicorn/configurator.rb +++ b/lib/unicorn/configurator.rb @@ -147,16 +147,7 @@ module Unicorn # # drop permissions to "www-data" in the worker # # generally there's no reason to start Unicorn as a priviledged user # # as it is not recommended to expose Unicorn to public clients. - # uid, gid = Process.euid, Process.egid - # user, group = 'www-data', 'www-data' - # target_uid = Etc.getpwnam(user).uid - # target_gid = Etc.getgrnam(group).gid - # worker.tmp.chown(target_uid, target_gid) - # if uid != target_uid || gid != target_gid - # Process.initgroups(user, target_gid) - # Process::GID.change_privilege(target_gid) - # Process::UID.change_privilege(target_uid) - # end + # worker.user('www-data', 'www-data') if Process.euid == 0 # end def after_fork(*args, &block) set_hook(:after_fork, block_given? ? block : args[0]) |