Forum: Rails deployment user id's - best practice - apache2 + mongrel_cluster + capi

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Scott Eckenrode (Guest)
on 2007-05-23 05:36
(Received via mailing list)
I am looking for a best practice as far as setting up a deployment
user goes.

I have 3 boxes - development, svn, production and have setup a common
deployment user for all 3 boxes (same user).  I'm using ssh key access
to hit the 2 boxes from my development box.  I have successfully
deployed to production via capistrano v2 (1.99) using deploy via svn
export;  on my production box, i'm running apache2.2 with user/group
set to www and have mongrel_cluster working ok - except
mongrel_cluster is currently running as root.  In order to get cap to
deploy properly, i had to make deployment account an administrator
(deploying to mac osx) .... have read zed's mongrel short cut plus the
cap short cut plus googled everything ... and i'm looking for a best
practice on setting up the deployment user .... right now ps axj shows
my mongrel processes running as root; my httpd running as www ....
what's the best (security-wise) setup for these users and permissions
on the directories ...

Any pointers or links would be appreciated.

Thanks.
This topic is locked and can not be replied to.