[Setup] Installation guide update - non-root recommendation
aclark at aclark.net
Wed Feb 6 20:29:14 UTC 2013
On 2013-02-06 15:19:29 +0000, Daniel Tordable said:
> Been reading this stuff after trying to install Plone 4.3 in a FreeBSD
> box. Tried it on a zeo installation like I did with 4.2 series but it
> failed because something, IIRC a package that was not found within the
> .tgz of that installer (something that is called 'precompiler').
> I don't know how to install P4.3.
dtordable! Is there a FreeBSD equivalent to Debian/Ubuntu's
"build-essentials" meta-package? Maybe you are missing the basics you
need to compile…
> 2013/2/6 Steve McMahon <steve at dcn.org>
> On Tue, Feb 5, 2013 at 2:36 PM, Mikko Ohtamaa
> <mikko+plone at redinnovation.com> wrote:
> Questions I have immediately in my mind include:
> Does 4.3 installer mean Ineed two UNIX user accounts (one for buildouting,
> one for launching the daemon)
> By default yes. It also sets up a group that contains both users.
> How one is suppose to update src/ files on run buildout? As a sudo and root?
> With a command like:
> sudo -u plone_buildout bin/buildout
> The buildout also has a component that precompiles .py and .po files so
> that the daemon user doesn't have to do this. The common group is used
> so that the daemon and buildout users can both write to ./var.
> Do you still need to launch the site as a root and you cannot do
> bin/instance restart as a normal user?
> It would typically be:
> sudo -u plone_daemon bin/instance ...
> or by having supervisor set up to run it as plone_daemon.
> The security gain from all this extra work is to prevent the daemon
> user processes from being able writing into anything other than var. In
> particular, prevent them from writing into code and configuration
> Setup mailing list
> Setup at lists.plone.org
Alex Clark · https://www.gittip.com/aclark4life/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Setup