发表新帖
发表新帖

Starting supervisord as root or not?

前端 未结
关注
5 1065
别跟我提以往
别跟我提以往 2021-02-01 02:13

Supervisor is running on 3.0:

pip freeze | grep supervisor
supervisor==3.0

When starting supervisord from the command line:

sud
相关标签:
5条回答
  • 天涯浪人
    2021-02-01 02:46

    When you start supervisor as root, you need to specify a user for supervisor to drop to for security reasons

    From the supervisor docs (http://supervisord.org/configuration.html):

    user
If supervisord is run as the root user, switch users to this UNIX user account before doing any meaningful processing. 
This value has no effect if supervisord is not run as root.

    Put this in your conf file:

    [supervisord]
user=nobody

    The user should be a user which exists, but does not have sudo permissions (nobody can work).

    0 讨论(0)
  • 野趣味
    2021-02-01 02:46

    My environment :

    Homestead+laravel ubuntu18 LTS

    I had the same problem,
    Be sure to control that the file belongs to the correct owner.

    1.Starting supervisor must use root

    example:

    vagrant@homestead:~$ sudo supervisord -c /etc/supervisord.conf
vagrant@homestead:~$ ps -aux|grep supervisord
root     12145  0.0  0.8  71144 16744 ?        Ss   07:20   0:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf

    you may kill all processing of supervisor and re-run

    2.Try not to use root run job.

    My job conf is /etc/supervisor/conf.d/lara*.conf,user is vagrant

    my job conf

    chown log file to vagrant,invole file related supervisor.conf

    my supervisor conf

    then

    run supervisorctl status use vagrant

    job run

    0 讨论(0)
  • 旧时难觅i
    2021-02-01 02:48

    You got:

    Per my understanding, you got this CRIT message which is bothering you:

    CRIT Supervisor running as root (no user in config file)

    The words in brackets is a clue. This message indicates that you may be running Supervisor as root unintentionally.

    Do this:

    So the solution is pretty simple: Tell Supervisor that you are doing this intentionally.
    (in /etc/supervisor/supervisord.conf)

    [supervisord]
user = root

    Once you run Supervisord as root, it sets uid to the user you assigned, which is, root. (#308)

    Not important:

    Although now you may get this message:

    CRIT Set uid to user 0

    No worries, this message should be a INFO level rather than a CRIT level. (#693)

    0 讨论(0)
  • -上瘾入骨i
    2021-02-01 02:50

    Supervisord switches to UNIX user account before any processing.

    You need to specify what kind of user account it should use, run the daemon as root but specify user in the config file

    Example:

    [program:myprogram]
command=gunicorn --worker-class socketio.sgunicorn.GeventSocketIOWorker app.wsgi:application -b 127.0.0.1:8000
directory=/opt/myprogram
user=user1
autostart=true
autorestart=true
redirect_stderr=True

    Visit http://supervisord.org/configuration.html#program-x-section-values for more information

    0 讨论(0)
  • 走了就别回头了
    2021-02-01 02:50

    For me, I received this error while running as a non-root user:

    Error: Cannot open an HTTP server: socket.error reported errno.EACCES (13)

    This went away after I chowned the directory holding the sock file to that user.

    In your case:

    [unix_http_server]
file = /opt/run/supervisord.sock

    Either chown username /opt/run/, or point the file to another directory that is owned by the user.

    I learned this approach from this link.

    Additionally, my sysadmins installed an init.d script I wrote. The init.d script is run as root, but the script can get supervisord to start on myuser with this command:

    SUPERVISORD=/path/to/supervisord
PIDFILE=/path/to/supervisord.pid
OPTIONS='-c /path/to/supervisord.conf'
daemon --pidfile=$PIDFILE --user=myuser $SUPERVISORD $OPTIONS
    0 讨论(0)
 看不清?
提交回复
热议问题