Fixed #7616 -- Added advice on unix socket permissions and umasks to fastcgi deployment documentation. Thanks to Malcolm Tredinnick for the report and advice, and PaulM and cramm for reviewing the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14276 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Gabriel Hurley
parent
7f9da79bac
commit
3739f89b44
|
|
@ -111,6 +111,14 @@ Running a preforked server on a Unix domain socket::
|
||||||
|
|
||||||
./manage.py runfcgi method=prefork socket=/home/user/mysite.sock pidfile=django.pid
|
./manage.py runfcgi method=prefork socket=/home/user/mysite.sock pidfile=django.pid
|
||||||
|
|
||||||
|
.. admonition:: Socket security
|
||||||
|
|
||||||
|
Django's default umask requires that the webserver and the Django fastcgi
|
||||||
|
process be run with the same group **and** user. For increased security,
|
||||||
|
you can run them under the same group but as different users. If you do
|
||||||
|
this, you will need to set the umask to 0002 using the ``umask`` argument
|
||||||
|
to ``runfcgi``.
|
||||||
|
|
||||||
Run without daemonizing (backgrounding) the process (good for debugging)::
|
Run without daemonizing (backgrounding) the process (good for debugging)::
|
||||||
|
|
||||||
./manage.py runfcgi daemonize=false socket=/tmp/mysite.sock maxrequests=1
|
./manage.py runfcgi daemonize=false socket=/tmp/mysite.sock maxrequests=1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue