diff options
| author | Lars Wirzenius <liw@liw.fi> | 2017-10-14 14:58:38 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2017-10-14 14:58:38 +0300 |
| commit | e3d31f173564917ce01141d8e371dc406bb8b847 (patch) | |
| tree | 45be28b40d4c7e2e5445af920ebeea591949aeef | |
| parent | 8c34972274efdc291839a2609330ce5e7b54be76 (diff) | |
| parent | e9007a842c179e5b9861dbd6c868396c50c52be1 (diff) | |
| download | ick2-e3d31f173564917ce01141d8e371dc406bb8b847.tar.gz | |
Merge: create dedicated user, put logs in right place
| -rw-r--r-- | debian/ick2.postinst | 9 | ||||
| -rw-r--r-- | ick2.service | 4 | ||||
| -rw-r--r-- | ick_controller.py | 2 | ||||
| -rw-r--r-- | start_ick | 2 |
4 files changed, 12 insertions, 5 deletions
diff --git a/debian/ick2.postinst b/debian/ick2.postinst index c8192a7..13595a9 100644 --- a/debian/ick2.postinst +++ b/debian/ick2.postinst @@ -16,7 +16,14 @@ set -eu +# Create a group and user for ick +addgroup --system --force _ick +adduser --system --disabled-login --disabled-password \ + --gecos "Ick CI" --home /var/lib/ick \ + --shell /bin/true --force \ + _ick + # Create the log directory with the right ownership and permissions. -install -d -m 0755 -o www-data -g www-data /var/log/ick2 +install -d -m 0755 -o _ick -g _ick /var/log/ick #DEBHELPER# diff --git a/ick2.service b/ick2.service index 9e2f4c1..57fd209 100644 --- a/ick2.service +++ b/ick2.service @@ -18,8 +18,8 @@ After=network.target [Service] Type=simple -User=www-data -Group=www-data +User=_ick +Group=_ick WorkingDirectory=/var/lib/ick ExecStart=/usr/bin/start_ick KillSignal=QUIT diff --git a/ick_controller.py b/ick_controller.py index 59ac86a..a7a1c51 100644 --- a/ick_controller.py +++ b/ick_controller.py @@ -59,7 +59,7 @@ def load_config(filename, defconf): def main(): logger = logging.getLogger() logger.setLevel(logging.DEBUG) - handler = logging.FileHandler('/tmp/ick.log') + handler = logging.StreamHandler(sys.stderr) logger.addHandler(handler) logging.info('Starting ick controller main program') @@ -19,6 +19,6 @@ set -eux export ICK_CONTROLLER_CONFIG=/etc/ick/controller.conf gunicorn3 \ --bind 127.0.0.1:12765 \ - --log-file /tmp/gunicorn3.log \ + --log-file /var/log/ick/gunicorn3.log \ --log-level debug \ ick_controller:app |