开发者

Starting Node with God with sudo

I need to start a Node.js server as the root user (using sudo) with a start param that looks like:

w.start = "sudo node #{KTHXBYE_NODE_ROOT}/poll.js"

As I am using Socket.IO and need the use of Flash Sockets (which requires Node.js to be run as root).

However, whenever I startup God, it fails to start node. I've tried running God with sudo, without sudo, as rvmsudo (as I'm using RVM to manage ruby version on my machine) and nothing seems to fix it. Anyone know of a way to run processes开发者_开发百科 with sudo in God?

Thanks.


Here is my minimal config file for running node.js server with "god":

APP_ROOT = "/home/sphynx/app"                   # application root

God.pid_file_directory = "#{APP_ROOT}/pids"     # directory to store PID files

God.watch do |w|
    w.name = "chapayev"
    w.interval = 5.seconds # default
    w.start = "env node #{APP_ROOT}/server.js"  # path to node.js server file
    w.stop = "env killall node"                 # stopping node explicitly
    w.start_grace = 10.seconds
    w.restart_grace = 10.seconds            
    w.log = "#{APP_ROOT}/log/chapayev.log"      # to enable logging

    w.start_if do |start|                       # start if condition is met
      start.condition(:process_running) do |c|  # check if process is running
        c.interval = 5.seconds
        c.running = false
      end
    end
end

It starts node.js automatically if it has not been started yet, and uses internal "god" daemonization means.

Make sure that you have "start_if" part in your config, which defines a condition for starting the monitored process. Here we have a condition to start if the process is not running, exactly what we need!

As about "sudo" privileges: I think there is no need to include sudo in your god config "start" command. You may rather invoke with sudo "god" itself, then it will run monitored processes with sudo as well. For example I'm testing "god" config with the following command:

sudo god -c conf/chapayev.god -D

(-D for printing the output in console to see all the configuration mistakes immediately)

For more details please take a look on this post: http://blog.acmarques.com/deploying_node_with_nginx_and_god


Isn't it better to server flash socket policy file with web server, e.g. nginx?

server { 
    listen 843; 
    server_name {{ SERVER_NAME }} www.{{ SERVER_NAME }}; 
    location / { 
        root {{ PATH_TO_FOLDER_WITH_crossdomain.xml_FILE }}; 
        autoindex off; 
    } 
} 

and crossdomain.xml file (replace * with proper values):

<cross-domain-policy> 
     <allow-access-from domain="*" to-ports="*" /> 
</cross-domain-policy> 

This way node wouldn't have to be started with sudo. This is easier and more secure in my opinion. There can also be issues with files ownership created by node when running as root.

If node is started as root it's good to chroot it or to change UID after port binding.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜