开发者

Linux user scheme for a Django production server

I'm currently trying to set up nginx + uWSGI server for my Django homepage. Some tutorials advice me to create specific UNIX users for ce开发者_运维知识库rtain daemons. Like nginx user for nginx daemon and so on. As I'm new to Linux administration, I thought just to create second user for running all the processes (nginx, uWSGI etc.), but it turned out that I need some --system users for that.

Main question is what users would you set up for nginx + uWSGI server and how to work with them? Say, I have server with freshly installed Debian Squeeze.

Should I install all the packages, virtual environment and set up all the directories as root user and then create system ones to run the scripts?


I like having regular users on a system:

  • multiple admins show up in sudo logs -- there's nothing quite like asking a specific person why they made a specific change.

  • not all tasks require admin privileges, but admin-level mistakes can be more costly to repair

  • it is easier to manage the ~/.ssh/authorized_keys if each file contains only keys from a specific user -- if you get four or five different users in the file, it's harder to manage. Small point :) but it is so easy to write cat ~/.ssh/id_rsa.pub | ssh user@remotehost "cat - > ~/.ssh/authorized_keys" -- if one must use >> instead, it's precarious. :)

But you're right, you can do all your work as root and not bother with regular user accounts.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜