[Setup] Installation guide update - non-root recommendation

Daniel Tordable daniel at danieltordable.net
Thu Feb 7 11:44:45 UTC 2013 

I've edited the buildout template, removing the "plone.precompiler" package
and the "setpermissions" that use both 2 recipes that IMHO doesn't come in
the distribution. I installed it completely but when I do the magic command
"plonectl start" seems that something doesn't work.

About FreeBSD: it comes with all  the GNU toolchain on it. so I suppose
everything works. It even worked for P4.x series. So I think it is not a
problem of prerequisites. If I can help, count with me!

2013/2/6 Alex Clark <aclark at aclark.net>

> **
>
> On 2013-02-06 15:19:29 +0000, Daniel Tordable said:
>
>
> Been reading this stuff after trying to install Plone 4.3 in a FreeBSD
> box. Tried it on a zeo installation like I did with 4.2 series but it
> failed because something, IIRC a package that was not found within the .tgz
> of that installer (something that is called  'precompiler').
>
>
>
> I don't know how to install P4.3.
>
>
>
> dtordable! Is there a FreeBSD equivalent to Debian/Ubuntu's
> "build-essentials" meta-package? Maybe you are missing the basics you need
> to compile…
>
>
>
>
> 2013/2/6 Steve McMahon <steve at dcn.org>
>
> On Tue, Feb 5, 2013 at 2:36 PM, Mikko Ohtamaa <
> mikko+plone at redinnovation.com> wrote:
>
> ...
>
>
> Questions I have immediately in my mind include:
>
>
> Does 4.3 installer mean Ineed two UNIX user accounts (one for buildouting,
>
> one for launching the daemon)
>
>
> By default yes. It also sets up a group that contains both users.
>
>
>
>
> How one is suppose to update src/ files on run buildout? As a sudo and
> root?
>
>
> With a command like:
>
>
> sudo -u plone_buildout bin/buildout
>
>
> The buildout also has a component that precompiles .py and .po files so
> that the daemon user doesn't have to do this. The common group is used so
> that the daemon and buildout users can both write to ./var.
>
>
>
>
> Do you still need to launch the site as a root and you cannot do
>
> bin/instance restart as a normal user?
>
>
> It would typically be:
>
>
> sudo -u plone_daemon bin/instance ...
>
>
> or by having supervisor set up to run it as plone_daemon.
>
>
> The security gain from all this extra work is to prevent the daemon user
> processes from being able writing into anything other than var. In
> particular, prevent them from writing into code and configuration
> directories.
>
>
>
>
>
> _______________________________________________
>
> Setup mailing list
>
> Setup at lists.plone.org
>
> https://lists.plone.org/mailman/listinfo/plone-setup
>
>
>
> --
>
> Alex Clark · https://www.gittip.com/aclark4life/
>
> _______________________________________________
> Setup mailing list
> Setup at lists.plone.org
> https://lists.plone.org/mailman/listinfo/plone-setup
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-setup/attachments/20130207/6e9329c7/attachment.html>

More information about the Setup mailing list