为什么在capistrano生成的文件上部署权限被拒绝? [英] Why am I getting Permission denied error in deployment on files generated by capistrano?
问题描述
我有一个失败:sh -c'cd / var / www 错误,然后通过在deploy.rb ...中添加以下内容来修复它: p>
I was having a failed: "sh -c 'cd /var/www error. Then fixed it by adding the following in deploy.rb...
set :default_environment, {
'PATH' => "/var/lib/gems/1.9.1/bin:$PATH"
}
现在我得到这个新的错误。 >
Now I'm getting this new error.
** [out :: ip.address] Rails Error: Unable to access log file. Please ensure that /var/www/releases/20111208152807/log/production.log exists and is chmod 0666. The log level has been raised to WARN and the output directed to STDERR until the problem is fixed.
** [out :: ip.address] mkdir -p /var/www/releases/20111208152807/public/assets
** [out :: ip.address] mkdir -p /var/www/releases/20111208152807/public/assets
** [out :: ip.address] mkdir -p /var/www/releases/20111208152807/public/assets
** [out :: ip.address]
** [out :: ip.address] mkdir -p /var/www/releases/20111208152807/public/assets
** [out :: ip.address] mkdir -p /var/www/releases/20111208152807/public/assets
** [out :: ip.address]
** [out :: ip.address] rake aborted!
** [out :: ip.address]
** [out :: ip.address] Permission denied - /var/www/releases/20111208152807/public/assets/manifest.yml
所以我检查了manifest.yml和production.log上的ls -lha和yes的权限,他们拥有按根。
So I checked the permissions on manifest.yml and production.log with ls -lha and yes, they're owned by root.
capistrano 部署是由拥有/ var / www目录的linux用户(而不是root)完成的。我猜这是因为创建这些文件的任何命令都是赋予它们root权限。
The capistrano deployment is being done by a linux user (not root) that owns the /var/www directory. I'm guessing it's because whatever command is creating those files is giving them root ownership.
澄清:
我知道可能只是使用root部署将会解决问题,但是我不想使用root。
CLARIFICATION: I know that probably just deploying using root will fix the problem but I don't want to use root.
推荐答案
您不应该拥有由 root 拥有的网络应用程序文件,他们应由非特权用户拥有。虽然用户在Web服务器之间有所不同,而且您的Web服务器的设置通常用户是 www-data (对于Apache)或 nobody (对于Nginx)。
You should never have web application files owned by root, They should be owned by a non privileged user. While the user varies between web servers and how your web server is set up generally the user is www-data (for Apache) or nobody (for Nginx).
要删除您想要运行错误中提到的命令的错误:
And to remove your error you want to run the command mentioned in the error:
chmod 0666 /var/www/releases/20111208152807/log/production.log 将设置文件以读取每个用户的写入权限。
chmod 0666 /var/www/releases/20111208152807/log/production.log will set the file to read write permissions for every user.
这些权限可能有点宽容,所以如果您需要,可以限制他们。
Those permissions may be a bit permissive so you can restrict them if you feel the need.
这篇关于为什么在capistrano生成的文件上部署权限被拒绝?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
