[英]Rails Capistrano deployment user
Currently I deploy my Rails 3.1 app with user "root". 目前,我以用户“ root”部署我的Rails 3.1应用程序。 I know it's bad :) but which user should I use ? 我知道这很糟糕:)但是我应该使用哪个用户? Why ? 为什么呢 And what permissions should I set on the files so that Apache/Passenger etc. can access them ? 我应该在文件上设置什么权限,以便Apache / Passenger等可以访问它们?
Thanks for your help, I'd like to understand what's happening beyond the surface. 感谢您的帮助,我想了解表面上正在发生的事情。
One way of setting the user/permissions for something like what you've described would be to create a new user specifically for your application and change the owner/group of your app's deploy directory and its contents to yourappuser:apache
. 为上述内容设置用户/权限的一种方法是为应用程序专门创建一个新用户,并将应用程序的deploy目录的所有者/组及其内容更改为yourappuser:apache
。
The idea is to disallow any kind of operation from everyone except from yourappuser
, which should be able to do everything, and apache, which should be able to read its contents. 这样做的目的是禁止所有人进行任何类型的操作,但您的yourappuser
和apache都应该能够执行所有操作,而yourappuser
应该能够执行所有操作。
In order to do this, you can then change the permissions on this folder to allow its owner to read/write/execute and its group to read its contents, while disallowing everything from any other user (740, for instance). 为此,您可以更改此文件夹的权限,以允许其所有者读取/写入/执行,并允许其组读取其内容,同时禁止任何其他用户(例如740)进行任何操作。
There are many other approaches, but I tend to use this one. 还有许多其他方法,但是我倾向于使用这种方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.