supervisor进程权限管理
作者:互联网
异常现象
541端口不能被启动监听,是因为普通用户只能启动大于1024端口。只有root用户才有权限启动1024以下的端口.
supervisor修改启动用户
这样把supervisor进程由普通用户变成root用户启动
#Hansight Enterprise supervisor config file. [unix_http_server] file=/app/taishi/tmp/supervisor.sock ; (the path to the socket file) chown=admin ; [inet_http_server] ; inet (TCP) server disabled by default port=*:9001 ; (ip_address:port specifier, *:port for all iface) ;username=user ; (default is no username (open server)) ;password=123 ; (default is no password (open server) [supervisord] logfile=/app/taishi/logs/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) logfile_backups=10 ; (num of main logfile rotation backups;default 10) loglevel=info ; (log level;default info; others: debug,warn,trace) pidfile=/app/taishi/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) nodaemon=false ; (start in foreground if true;default false) user=admin ; (default is current user, required if root) minfds=655350 ; (min. avail startup file descriptors;default 1024) minprocs=655350 ; (min. avail process descriptors;default 200) ;umask=022 ; (process file creation umask;default 022) ;user=hansight ; (default is current user, required if root) ;identifier=supervisor ; (supervisord identifier, default is 'supervisor') ;directory=/tmp ; (default is not to cd during start) ;nocleanup=true ; (don't clean up tempfiles at start;default false) ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP) ;environment=KEY="value" ; (key value pairs to add to environment) ;strip_ansi=false ; (strip ansi escape codes in logs; def. false) [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///app/taishi/tmp/supervisor.sock ; use a unix:// URL for a unix socket [include] files=/app/taishi/etc/supervisord/*.ini普通用户
#Hansight Enterprise supervisor config file. [unix_http_server] file=/app/taishi/supervisor.sock ; (the path to the socket file) chown=root ; [inet_http_server] ; inet (TCP) server disabled by default port=*:9001 ; (ip_address:port specifier, *:port for all iface) ;username=user ; (default is no username (open server)) ;password=123 ; (default is no password (open server) [supervisord] logfile=/app/taishi/logs/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) logfile_backups=10 ; (num of main logfile rotation backups;default 10) loglevel=info ; (log level;default info; others: debug,warn,trace) pidfile=/app/taishi/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) nodaemon=false ; (start in foreground if true;default false) user=root ; (default is current user, required if root) minfds=655350 ; (min. avail startup file descriptors;default 1024) minprocs=655350 ; (min. avail process descriptors;default 200) ;umask=022 ; (process file creation umask;default 022) ;user=hansight ; (default is current user, required if root) ;identifier=supervisor ; (supervisord identifier, default is 'supervisor') ;directory=/tmp ; (default is not to cd during start) ;nocleanup=true ; (don't clean up tempfiles at start;default false) ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP) ;environment=KEY="value" ; (key value pairs to add to environment) ;strip_ansi=false ; (strip ansi escape codes in logs; def. false) [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///app/taishi/supervisor.sock ; use a unix:// URL for a unix socket [include] files=/app/taishi/etc/supervisord/*.iniroot用户
supervisor直接启动而不传递相关参数就会启动失败
只有supervisor进程本身由root启动,supervisor管理进程才能用root用户启动
supervisor重启正常
其他问题
标签:logfile,supervisor,supervisord,default,file,进程,权限,root 来源: https://www.cnblogs.com/yxh168/p/14838782.html