[Cubicweb] CubicWeb: 'system' instance on a server

Dimitri Papadopoulos Orfanos dimitri.papadopoulos at cea.fr
Fri May 23 17:22:52 CEST 2014

Hi Christophe,

There are a few caveats:

* When rotating logs, the new logs belong to root:adm or something like
that by default. It should be possible to tell rotate to create the new
logs as cubicweb:cubicweb for example, like /var/log/postgresql belongs
to posgres for example. But then you have no choice, you cannot start
CubicWeb as 'aims' or whatever alternate account you need, just 'cubicweb'.

* You will have to write your own startup script in /etc/init or
/etc/init.d, unless again instances are always started as 'cubicweb'.

In short, I believe it should already be possible to start all CubicWeb
instances as 'cubicweb'. But then you loose the flexibility of starting
them from alternate accounts - such as 'aims' in our case - using the
'uid' attribute in all-in-one.conf. Unless I am mistaken, there is a
trade-off here - and this trade-off looks like a general Linux issue.


Le 23/05/2014 17:09, Christophe de Vienne a écrit :
> Hi,
> I cannot answer directly to your question, but it raises an interesting
> point :
> We should be able to run "system" instances as non-root. I could do this
> successfully after changing rights on a few files (the log directory for
> example), so I guess it would not be difficult to add as a native feature.
> Has anything been done about this ?
> Cheers,
> Christophe

Dimitri Papadopoulos
I2BM, NeuroSpin
F-91191 Gif-sur-Yvette cedex, France

More information about the Cubicweb mailing list