Search Results

Search found 82 results on 4 pages for 'setuid'.

Page 3/4 | < Previous Page | 1 2 3 4  | Next Page >

• Is it possible for root to execute a command as non-root

  - by adnan kamili

  I am root user and suppose i want to run any application as another user. is it possible, without switching to another user. Something like # google-chrome user=abc I am actually executing a cli program as a non root user. I have set the sticky bit on and i am using setuid. So the program runs with root privileges. Now i am using system() with in the program to invoke gui app. But i dont want to run it as root. so i want to temporarily drop root privileges only for that call.

  Read the article

• Ubuntu issues when moving hard disk to new system

  - by Tim

  I'm working on a legacy project with a small single board computer running Ubuntu 10.04 on a compact flash card. I need to be able to save away a working image (via dd) and copy said image to other compact flash cards for use in other single board computers (with identical hardware) I'm able to copy the image to other flash cards and bootup on other systems no problem. But I'm seeing strange behavior. For instance, I can't use sudo on the new system (“sudo: must be setuid root”). I've gone down the path of trying to fix this, but have run into a slew of other issues. General question is: what do I need to be aware of when moving a hard disk containing Ubuntu (in my case a compact flash card) to another computer? I was hoping it would be seamless to Ubuntu since it's moving to a system with identical hardware. Is there something that needs to be done to make it "portable"?

  Read the article

• Why does my $LD_LIBRARY_PATH get unset when using screen with bash?

  - by UltraNurd

  This is related to http://superuser.com/questions/27376/why-does-my-ld-library-path-get-unset-launching-terminal, but a different set of symptoms. First, /usr/bin/screen is setuid as per the other question. Second, the default shell on this system is /bin/tcsh for various historical reasons, and we're not allowed to chsh to /bin/bash, so I typically run bash manually immediately after login. Third, I almost always use screen, but I want ctrl-a ctrl-c in screen to create a new bash "tab", so I always invoke bash first. That is: {~} $ echo $SHELL /bin/tcsh {~} $ bash [~] echo $SHELL /bin/bash [~] screen -U [~] ...and when reconnecting: {~} $ echo $SHELL /bin/tcsh {~} $ screen -dUr [~] echo $SHELL /bin/bash [~] However, my $LD_LIBRARY_PATH is there in tcsh, there in bash, but empty once I run screen; it is still present if I just run screen from tcsh, but then I get new tcsh "tabs" when I use ctrl-a ctrl-c in screen. Any ideas?

  Read the article

• non-privileged normal user passing environment variables to /bin/login [closed]

  - by AAAAAAAA

  Suppose that in FreeBSD (or linux maybe) there is a non-privileged normal user (non-superuser). And there is a telnet standalone (I know that telnet is usually run under inetd) running under (owned by) this user. (Suppose that there was no original, root-owned telnet running.) This telnet server is programmed so that it does not check ld_* environment variables before passing it to /bin/login owned by root that has setuid set up. The question would be: 1. Will this telnet work? 2. If it does work, will it even be able to pass environment variables to /bin/login?

  Read the article

• How do I launch a process as a specific user at startup on OS X?

  - by Scott Bonds

  I would like to run a script as a particular user on startup (not on login). I thought a launchd LaunchDaemon would do it, but 'man launchd' says: "If you wish your service to run as a certain user, in that user's environment, making it a launchd agent is the ONLY supported means of accomplishing this on Mac OS X. In other words, it is not sufficient to perform a setuid(2) to become a user in the truest sense on Mac OS X." They aren't kidding--when I try to run my script as a LaunchDaemon it doesn't work. In particular I'm trying to automate some keychain operations using the 'security' command, and it won't let me change the default keychain when I run the script through LaunchDaemon, though the script works fine when run using sudo from a shell. A LaunchAgent won't work, because the goal is for the proces to run without a user logging in and LaunchAgents only run when someone logs in. I looked at cron and the @reboot directive and that looks promising, but I read that cron is deprecated on OSX.

  Read the article

• how to have files created by CMS have the same ownership as SSH user

  - by Cam

  I am having difficulty on our ubuntu server whereby I have an SSH user that when I create files using this user the ownership is web_user:www-data The problem is when a file is uploaded or created using a content management system like joomla. When files are uploaded through Joomla - such as components / modules... The ownership is set to www-data:www-data This means that I need to then chown all new files to web_user:www-data so we can edit the files. Is there a way to set for a directory and sub-directories that all new files created have the ownership of web_user:www-data? Do I need to use something like setuid or setgid? Any help would be greatly appreciated.

  Read the article

• how to have files created by CMS have the same ownership as SSH user

  - by Cam

  I am having difficulty on our ubuntu server whereby I have an SSH user that when I create files using this user the ownership is web_user:www-data The problem is when a file is uploaded or created using a content management system like joomla. When files are uploaded through Joomla - such as components / modules... The ownership is set to www-data:www-data This means that I need to then chown all new files to web_user:www-data so we can edit the files. Is there a way to set for a directory and sub-directories that all new files created have the ownership of web_user:www-data? Do I need to use something like setuid or setgid? Any help would be greatly appreciated.

  Read the article

• unable to properly execute binaries from PHP

  - by Lowgain

  I was building an app on a SUSE box, and had a binary called create_group for instance, which had a suid bit and allowed my PHP app to call exec('create group grpname'); and create a new group (there are others for users, etc). The binary was a small c script that calls setuid(0) and then runs the user creation stuff. This worked perfectly on the SUSE box I recently moved my project to Ubuntu and everything works fine except these binaries. I can run them from the shell and they work okay, but when I get the PHP app to run them it just does nothing. Is there anything Ubuntu would be doing differently that I'm missing?

  Read the article

• What sysadmin must do to run OS with damaged /lib/libc.so file ? / rsyslogd daemon logrotation / deny checking list of running processes

  - by Virtual_Lotos

  What sysadmin must do to run OS with damaged /lib/libc.so file ? In other words, how command interpreter should be configured to be able to run system with corrupted /lib/libc.so file ? Do I have to move it to /var catalog ? Does the command interpreter must be statically compiled or have setuid attribute or perhaps must be a symbolic link to /bin/sh or must be no larger than 2MB ? How to prevent a user from checking list of processes started by another user ? How do I forbid a user to see which processes are running by another user ? What do I have to keep in mind when I want to make rsyslogd daemon logrotation ?

  Read the article

• Run a script as root from apache

  - by Lord Loh.

  I would like to update my hosts file and restart dnsmasq from a web interface (php/apache2). I tried playing around with suid bits (the demonstaration). I have both apache and dnsmasq running on an EC2 instance. I understand that Linux ignores the setuid bit on text scripts, but works on binary files. (Have I got something wrong?). I added exec("whoami"); to the example C program in Wikipedia. Although the effective UID of the C program is 0, whoami does not return root :-( I would thoroughly like to avoid echo password | sudo service dnsmasq restart or adding apache to the sudoers without password! Is there a way out? How does webmin do such things?

  Read the article

• Cannot mount USB drive -- FSTAB error

  - by user107646

  Recently, one of my desktops seems to have developed a problem with the fstab and mounting USB drives. The specific error I receive is... Unable to mount TRAVELDRIVE Error mounting: mount exited with exit code 1: helper failed with: Unprivileged user can not mount NTFS block devices using the external FUSE library. Either mount the volume as root, or rebuild NTFS-3G with integrated FUSE support and make it setuid root. Please see more information at http://tuxera.com/community/ntfs-3g-faq/#unprivileged The contents of my fstab are... /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc nodev,noexec,nosuid 0 0 #Entry for /dev/sdc1 : UUID=7e3431cd-522f-4e35-b286-4300fa702d4a / ext4 errors=remount-ro 0 1 #Entry for /dev/sda1 : UUID=60684D08684CDE82 /media/Archive ntfs-3g defaults,locale=en_US.UTF-8 0 0 #Entry for /dev/sdc5 : UUID=cd166221-4b1d-40f7-b9de-785208990587 none swap sw 0 0 /dev/sdd1 /media/sdd1 ntfs nls=iso8859-1,ro,users,umask=000,user 0 0 /dev/sdd5 /media/PS3 (fat32) vfat users,user 0 0 /dev/sdd5 /media/sdd5 vfat uid=m3talhead,users,user 0 0 I'm guessing its a problem with the duplicate /dev/sdd5 entries (?), but being the *nix noob I am, I'm not certain. What am I missing? Any assist is greatly appreciated!

  Read the article

• Set default owner/user

  - by Daniel Hollands

  I'm a web developer, and so have set-up an old machine in the office as an Ubuntu Server, for the purposes of testing websites. I've set-up LAMP and have created a /var/www folder, from which all my local sites are served. The issue is that of user permissions, i.e. any files that I copy into that folder (from my Windows machine via the network) automatically take on me (daniel) as their owner. The problem is that I want www-data to become the owner. I did some research and saw that it should be possible to use setuid (and setgid) to automatically set www-data as the owner of all files put into /var/www automatically, so far I've not had any luck making it work. Can someone help please? Thank you UPDATE: Would this do what I want it to do? Default file permissions for php user www-data UPDATE 2: I've kinda fixed my issue by changing my samba settings. Using Webmin, I was able to go in and change the default settings (as seen here: http://imageshack.us/photo/my-images/521/captureon.png/)

  Read the article

• Running commands though PHP/Perl scripts as a priviledged user on Linux.

  - by jtd

  Background: I am writing a script for a company that will allow users to create FTP accounts through a web interface. In the background, the script must run a bunch of commands: Add the user to the system (useradd) Open and edit various files mail the user via sendmail and a few other things... I'm basically looking for the most secure way of doing this. I've heard of the setuid method, the sudo method, and of course, running httpd as a priviledged user. There will be sanity checks on the data entered of course before any commands are executed (ie. only alphanumeric characters in usernames) What is the method used by the popular scripts out there (webmin for example), as it must be fairly secure?

  Read the article

• How can I login linux using C or C++

  - by jnblue

  I need to programmely switch the current user to another,then the followed code should be executed in the environment(such as path,authority..) of another user. I've find the 'chroot()','setuid()' may be associated with my case, but these functions need the root authority, I don't have root authority, but I have the password of the second user. what should I do? I have tried shell "su - " can switch current user, can this command help me in my C++ code? Don't laugh at me if my question is very stupid, I'm a true freshman on linux. :) Thanks!

  Read the article

• Error when reloading supervisord: unix:///tmp/supervisor.sock no such file

  - by Yarin

  I'm running supervisord on my CentOS 6 box like so, /usr/bin/supervisord -c /etc/supervisord.conf and when I launch supervisorctl all process status are fine, but if I try to reload using supervisorctl I get unix:///tmp/supervisor.sock no such file I'm using the same config file I've used successfully on other boxes, and im running everything as root. I can't undesrtand what the problem is... Config file: ; Sample supervisor config file. [unix_http_server] file=/tmp/supervisor.sock ; (the path to the socket file) ;chmod=0700 ; socket file mode (default 0700) ;chown=nobody:nogroup ; socket file uid:gid owner ;username=user ; (default is no username (open server)) ;password=123 ; (default is no password (open server)) ;[inet_http_server] ; inet (TCP) server disabled by default ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface) ;username=user ; (default is no username (open server)) ;password=123 ; (default is no password (open server)) [supervisord] logfile=/tmp/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) logfile_backups=10 ; (num of main logfile rotation backups;default 10) loglevel=info ; (log level;default info; others: debug,warn,trace) pidfile=/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid) nodaemon=false ; (start in foreground if true;default false) minfds=1024 ; (min. avail startup file descriptors;default 1024) minprocs=200 ; (min. avail process descriptors;default 200) ;umask=022 ; (process file creation umask;default 022) ;user=chrism ; (default is current user, required if root) ;identifier=supervisor ; (supervisord identifier, default is 'supervisor') ;directory=/tmp ; (default is not to cd during start) ;nocleanup=true ; (don't clean up tempfiles at start;default false) ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP) ;environment=KEY=value ; (key value pairs to add to environment) ;strip_ansi=false ; (strip ansi escape codes in logs; def. false) ; the below section must remain in the config file for RPC ; (supervisorctl/web interface) to work, additional interfaces may be ; added by defining them in separate rpcinterface: sections [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket ;username=chris ; should be same as http_username if set ;password=123 ; should be same as http_password if set ;prompt=mysupervisor ; cmd line prompt (default "supervisor") ;history_file=~/.sc_history ; use readline history if available ; The below sample program section shows all possible program subsection values, ; create one or more 'real' program: sections to be able to control them under ; supervisor. ;[program:foo] ;command=/bin/cat [program:embed_scheduler] command=/opt/web-apps/mywebsite/custom_process.py process_name=%(program_name)s_%(process_num)d numprocs=3 ;[program:theprogramname] ;command=/bin/cat ; the program (relative uses PATH, can take args) ;process_name=%(program_name)s ; process_name expr (default %(program_name)s) ;numprocs=1 ; number of processes copies to start (def 1) ;directory=/tmp ; directory to cwd to before exec (def no cwd) ;umask=022 ; umask for process (default None) ;priority=999 ; the relative start priority (default 999) ;autostart=true ; start at supervisord start (default: true) ;autorestart=unexpected ; whether/when to restart (default: unexpected) ;startsecs=1 ; number of secs prog must stay running (def. 1) ;startretries=3 ; max # of serial start failures (default 3) ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) ;stopsignal=QUIT ; signal used to kill process (default TERM) ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) ;killasgroup=false ; SIGKILL the UNIX process group (def false) ;user=chrism ; setuid to this UNIX account to run the program ;redirect_stderr=true ; redirect proc stderr to stdout (default false) ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) ;stdout_events_enabled=false ; emit events on stdout writes (default false) ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10) ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0) ;stderr_events_enabled=false ; emit events on stderr writes (default false) ;environment=A=1,B=2 ; process environment additions (def no adds) ;serverurl=AUTO ; override serverurl computation (childutils) ; The below sample eventlistener section shows all possible ; eventlistener subsection values, create one or more 'real' ; eventlistener: sections to be able to handle event notifications ; sent by supervisor. ;[eventlistener:theeventlistenername] ;command=/bin/eventlistener ; the program (relative uses PATH, can take args) ;process_name=%(program_name)s ; process_name expr (default %(program_name)s) ;numprocs=1 ; number of processes copies to start (def 1) ;events=EVENT ; event notif. types to subscribe to (req'd) ;buffer_size=10 ; event buffer queue size (default 10) ;directory=/tmp ; directory to cwd to before exec (def no cwd) ;umask=022 ; umask for process (default None) ;priority=-1 ; the relative start priority (default -1) ;autostart=true ; start at supervisord start (default: true) ;autorestart=unexpected ; whether/when to restart (default: unexpected) ;startsecs=1 ; number of secs prog must stay running (def. 1) ;startretries=3 ; max # of serial start failures (default 3) ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) ;stopsignal=QUIT ; signal used to kill process (default TERM) ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10) ;killasgroup=false ; SIGKILL the UNIX process group (def false) ;user=chrism ; setuid to this UNIX account to run the program ;redirect_stderr=true ; redirect proc stderr to stdout (default false) ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10) ;stdout_events_enabled=false ; emit events on stdout writes (default false) ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) ;stderr_logfile_backups ; # of stderr logfile backups (default 10) ;stderr_events_enabled=false ; emit events on stderr writes (default false) ;environment=A=1,B=2 ; process environment additions ;serverurl=AUTO ; override serverurl computation (childutils) ; The below sample group section shows all possible group values, ; create one or more 'real' group: sections to create "heterogeneous" ; process groups. ;[group:thegroupname] ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions ;priority=999 ; the relative start priority (default 999) ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or ; newlines). It can also contain wildcards. The filenames are ; interpreted as relative to this file. Included files *cannot* ; include files themselves. ;[include] ;files = relative/directory/*.ini

  Read the article

• chmod -R 777 / on ubuntu - numerous problems

  - by ncatnow

  A client has accidentally given the entire filesystem full permissions on their ubuntu 10.04 box. chmod -R 777 httpdocs/cd / As you can see they attempted to cd to the root, and instead gave chmod a fun parameter to play with. First sign of the problem was inability to use 'su', giving an authentication error. sudo also complained of a missing setuid bit. This was fixed by logging in as root from the machine itself, and running chmod +s /usr/bin/sudo. I can now sudo su and do what I need to as root. su still gives an authentication failure. I followed the advice here: http://swiss.ubuntuforums.org/showthread.php?t=1180661&page=2 chmod 0755 / chmod 0755 /* chmod 1777 /tmp chmod 0750 /root chmod 0700 /lost+found I then tried to reset root password. I still cannot su to become root, or su root. The system seems to be running fine. Are there any suggestions for getting su to work once again? Where can I look for more problems?

  Read the article

• Using virtual IP with stunnel and haproxy

  - by beardtwizzle

  Hi there, We have a load-balancer setup, in which an HTTPS Request flows through the following steps:- Client -> DNS -> stunnel on Load-Balancer -> HAProxy on LB -> Web-Server This setup works perfectly when stunnel is listening to the local IP of the Load-Balancer. However in our setup we have 2 load-balancers and we want to be able to listen to a virtual IP, which only ever exists on one LB at a time (keepalived flips the IP to the second LB if the first one falls over). HAProxy has no problem in doing this (and I can ping the assigned virtual IP on the load-balancer I'm testing), but it seems stunnel hates the concept. Has anyone achieved this before (below is my stunnel config - as you can see I'm actually listening for ALL traffic on 443):- cert= /etc/ssl/certs/mycert.crt key = /etc/ssl/certs/mykey.key ;setuid = nobody ;setgid = nogroup pid = /etc/stunnel/stunnel.pid debug = 3 output = /etc/stunnel/stunnel.log socket=l:TCP_NODELAY=1 socket=r:TCP_NODELAY=1 [https] accept=443 connect=127.0.0.1:8443 TIMEOUTclose=0 xforwardedfor=yes Sorry for the long-winded question!

  Read the article

• Is there a way to tell SGE to run specific jobs as root on the execution node?

  - by Rick Reynolds

  The title kinda says it all... We're using SGE/OGE to submit jobs to a set of worker nodes that then do things with specific pieces of equipment. The programs and scripts that have been created that manipulate this equipment rely on running as root. I'd like SGE to handle allocation of resources in a way that is mindful of users, groups, projects, etc., but I also need the actual jobs to run with root permissions. I've read up on How can one run a prologue script as root in gridengine? to see if anything there was pertinent, but it seems that SGE is providing the "user@" kind of spec specifically for prolog and epilog kinds of actions. Is there any similar functionality for the job itself? I'm aware of su/sudo approaches, but that won't really work in this environment because the sudoers file isn't globally managed (i.e. I'd have to add a whole set of users to /etc/sudoers on lots of machines). I'm currently looking into a setuid kind of solution, but that would definitely be an unnecessary kind of work-around if SGE provides me a way to declare that a specific job (or jobs in a specific queue) always needs to run with a specific user's rights.

  Read the article

• executable in path, findable by which, yet cannot execute without fully qualifying path?

  - by Peeter Joot

  I've got a bizarre seeming shell issue, with a command in the $PATH that the shell (ksh, running on Linux) appears to cowardly refuse to invoke. Without fully qualifying the command, I get: # mycommand /bin/ksh: mycommand: not found [No such file or directory] but the file can be found by which: # which mycommand /home/me/admbin/mycommand I also explicitly see that directory in $PATH: # echo $PATH | tr : '\n' | grep adm /home/me/admbin The exe at that location seems normal: # file /home/me/admbin/mycommand /home/me/admbin/mycommand: setuid setgid ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.4, dynamically linked (uses shared libs), not stripped # ls -l mycommand -r-sr-s--- 1 me mygroup 97892 2012-04-11 18:01 mycommand and if I run it explicitly using a fully qualified path: # /home/me/admbin/mycommand I see the expected output. Something is definitely confusing the shell here, but I'm at a loss what it could be? EDIT: finding what looked like a similar question: Binary won't execute when run with a path. Eg >./program won't work but >program works fine I also tested for more than one such command in my $PATH, but find only one: # for i in `echo $PATH | tr : '\n'` ; do test -e $i/mycommand && echo $i/mycommand ; done /home/me/admbin/mycommand

  Read the article

• uWSGI cannot find "application" using Flask and Virtualenv

  - by skyler

  Using uWSGI to serve a simple wsgi app, (a simple "Hello, World") my configuration works, but when I try to run a Flask app, I get this in uWSGI's error logs: current working directory: /opt/python-env/coefficient/lib/python2.6/site-packages writing pidfile to /var/run/uwsgi.pid detected binary path: /opt/uwsgi/uwsgi setuid() to 497 your memory page size is 4096 bytes detected max file descriptor number: 1024 lock engine: pthread robust mutexes uwsgi socket 0 bound to TCP address 127.0.0.1:3031 fd 3 Python version: 2.6.6 (r266:84292, Jun 18 2012, 14:18:47) [GCC 4.4.6 20110731 (Red Hat 4.4.6-3)] Set PythonHome to /opt/python-env/coefficient/ *** Python threads support is disabled. You can enable it with --enable-threads *** Python main interpreter initialized at 0xbed3b0 your server socket listen backlog is limited to 100 connections *** Operational MODE: single process *** added /opt/python-env/coefficient/lib/python2.6/site-packages/ to pythonpath. unable to find "application" callable in file /var/www/coefficient/flask.py unable to load app 0 (mountpoint='') (callable not found or import error) *** no app loaded. going in full dynamic mode *** *** uWSGI is running in multiple interpreter mode ***` Note in particular this part of the log: unable to find "application" callable in file /var/www/coefficient/flask.py unable to load app 0 (mountpoint='') (callable not found or import error) **no app loaded. going in full dynamic mode** This is my Flask app: from flask import Flask app = Flask(__name__) @app.route("/") def hello(): return "Hello, World, from Flask!" Before I added my Virtualenv's pythonpath to my configuration file, I was getting an ImportError for Flask. I solved this though, I believe (I'm not receiving errors about it anymore) and here is my complete configuration file: uwsgi: #socket: /tmp/uwsgi.sock socket: 127.0.0.1:3031 daemonize: /var/log/uwsgi.log pidfile: /var/run/uwsgi.pid master: true vacuum: true #wsgi-file: /var/www/coefficient/coefficient.py wsgi-file: /var/www/coefficient/flask.py processes: 1 virtualenv: /opt/python-env/coefficient/ pythonpath: /opt/python-env/coefficient/lib/python2.6/site-packages This is how I start uWSGI, from an rc script: /opt/uwsgi/uwsgi --yaml /etc/uwsgi/conf.yaml --uid uwsgi And if I try to view the Flask program in a browser, I get this: **uWSGI Error** Python application not found Any help is appreciated.

  Read the article

• Why won't my service start, and why doesn't upstart output any errors?

  - by Alex Waters

  I am trying to 'start gunicorn' as a service via upstart as user ale. I'm using gunicorn/flask on ubuntu 12.04 w/ init (upstart 1.5) Here is my /etc/init/gunicorn.conf setuid btw setgid flask script export HOME=/home/btw export WORKON_HOME=$HOME/.virtualenvs . $HOME/.virtualenvs/default/bin/activate cd $HOME/flask workon default gunicorn -c gunicorn.py bw:app end script It doesn't output anything other than gunicorn start/running, process 12992. If i then do 'status gunicorn' I get stop/waiting. any ideas on how to debug this? I tried following http://upstart.ubuntu.com/wiki/Debugging but it didn't help. If I do the following as user ale in the app's directory: 1. workon default 2. gunicorn -c gunicorn.py bw:app then Gunicorn runs fine. Here is ~/flask/gunicorn.py: bind = "0.0.0.0:8080" workers = 3 backlog = 2048 worker_class = "gevent" debug = True daemon = False pidfile ="/tmp/gunicorn.pid" log_level = "debug" accesslog = "/var/log/gunicorn/access.log" errorlog = "/var/log/gunicorn/error.log" user = "btw" group = "flask" Also, /var/log/error.log doesn't show anything new when I try to start the Gunicorn service. If I start it manually, it shows that the workers have been loaded, etc. Thanks for any help / suggestions!

  Read the article

• Managing Linux Directory Permissions & SFTP

  - by Dizzle

  Good morning; I have a RHEL 5.7 web server configured to allow SSH/SFTP only by specific groups. I'd like for content managers to upload content to their respective directories and have that content inherit the user/group ownership of the directory regardless of upload method or application. For example: John is in group "web" for SSH/SFTP rights and "finance" for directory permissions, and uploads to directory "webstuff" via SFTP. Directory "webstuff" has permissions of "2760" (rwxrws---), and ownership of "apache:finance". If John uploads an update to an existing file in "webstuff", the ownership of the file stays at "apache:finance". If John uploads a new file to "webstuff", the ownership of the file is "john:finance". My desire is to have any file from John uploaded to "webstuff" to change to the directory's owner. I've tried with setuid and setgid both set, but the user-ownership didn't take. I've seen mentions on ServerFault of using ACL's, or a chrooted jail for SFTP but I have yet to configure and test them, and I don't know if they're a viable solution (they could be, I just don't know because I've never done either). Any thoughts and assistance would be greatly appreciated.

  Read the article

• Play framework 2.2 using Upstart 1.5 (Ubuntu 12.04)

  - by Leon Radley

  I'm trying to get Play 2.2 working with upstart. I've been running Play 2.x with upstart since it's release and it's never been a problem. But since the release of 2.2 and the change to http://www.scala-sbt.org/sbt-native-packager/ play doesn't want to start any more. Here's the config I'm using description "PlayFramework 2.2" version "2.2" env APP=myapp env USER=myuser env GROUP=www-data env HOME=/home/myuser/app env PORT=9000 env ADDRESS=127.0.0.1 env CONFIG=production.conf env JAVAOPTS="-J-Xms128M -J-Xmx512m -J-server" start on runlevel [2345] stop on runlevel [06] respawn respawn limit 10 5 expect daemon # If you want the upstart script to build play with sbt pre-start script chdir $HOME sbt clean compile stage -mem $SBTMEM end script exec start-stop-daemon --pidfile ${HOME}/RUNNING_PID --chuid $USER:$GROUP --exec ${HOME}/bin/${APP} --background --start -- -Dconfig.resource=$CONFIG -Dhttp.address=$ADDRESS -Dhttp.port=$PORT $JAVAOPTS I've changed the JAVAOPTS to include the -J- and I've also changed the path to use the new startscript located in the /bin/ dir. I've read that upstart 1.4 has setuid and setguid. I've tried removing the start-stop-daemon but I haven't got that working either. Any suggestions would be appreciated.

  Read the article

• DRY Authenticated Tasks in Cocoa (with distributed objects)

  - by arbales

  I'm kind of surprise/infuriated that the only way for me to run an authenticated task, like perhaps sudo gem install shi*t, is to make a tool with pre-written code. I'm writing a MacRuby application, which doesn't seem to expose the KAuthorization* constants/methods. So.. I learned Cocoa and Objective-C. My application creates a object, serves it and calls the a tool that elevates itself and then performs a selector on a distributed object (in the tool's thread). I hoped that the distributed object's methods would evaluated inside the tool, so I could use delegation to create "privileged" tasks. If this won't work, don't try to save it, I just want a DRY/cocoa solution. AuthHelper.m //AuthorizationExecuteWithPrivileges of this. AuthResponder* my_responder = [AuthResponder sharedResponder]; // Gets the proxy object (and it's delegate) NSString *selector = [NSString stringWithUTF8String:argv[3]]; NSLog(@"Performing selector: %@", selector); setuid(0); if ([[my_responder delegate] respondsToSelector:NSSelectorFromString(selector)]){ [[my_responder delegate] performSelectorOnMainThread:NSSelectorFromString(selector) withObject:nil waitUntilDone:YES]; } RandomController.m - (void)awakeFromNib { helperToolPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingString:@"/AuthHelper"]; delegatePath = [[[NSBundle mainBundle] resourcePath] stringByAppendingString:@"/ABExtensions.rb"]; AuthResponder* my_responder = [AuthResponder initAsService]; [my_responder setDelegate:self]; } -(oneway void)install_gems{ NSArray *args = [NSArray arrayWithObjects: @"gem", @"install", @"sinatra", nil]; [NSTask launchedTaskWithLaunchPath:@"/usr/bin/sudo" arguments:args]; NSLog(@"Ran AuthResponder.delegate.install_gems"); // This prints. } ... other privileges tasks. "sudo gem update --system" for one. I'm guessing the proxy object is performing the selector in it's own thread, but I want the current (privileged thread) to do it so I can use sudo. Can I force the distributed object to evaluate the selector on the tool's thread? How else can I accomplish this dryly/cocoaly?

  Read the article

• Authenticating GTK app to run with root permissions

  - by Thomas Tempelmann

  I have a UI app (uses GTK) for Linux that requires to be run as root (it reads and writes /dev/disk*). Instead of requiring the user to open a root shell or use "sudo" manually every time when he launches my app, I wonder if the app can use some OS-provided API to ask the user to relaunch the app with root permissions. (Note: gtk app's can't use "setuid" mode, so that's not an option here.) The advantage here would be an easier workflow: The user could, from his default user account, double click my app from the desktop, and the app then would relaunch itself with root permission after been authenticated by the API/OS. I ask this because OS X offers exactly this: An app can ask the OS to launch an executable with root permissions - the OS (and not the app) then asks the user to input his credentials, verifies them and then launches the target as desired. I wonder if there's something similar for Linux (Ubuntu, e.g.) Update: The app is a remote operated disk repair tool for the unsavvy Linux user, and those Linux noobs won't have much understanding of using sudo or even changing their user's group memberships, especially if their disk just started acting up and they're freaking out. That's why I seek a solution that avoids technicalities like this.

  Read the article

< Previous Page | 1 2 3 4  | Next Page >