使用 sudo 与 God 一起启动 Node

发布于 2024-09-26 09:13:56 字数 417 浏览 1 评论 0原文

我需要以 root 用户身份启动 Node.js 服务器（使用 sudo），其启动参数如下所示：

w.start = "sudo node #{KTHXBYE_NODE_ROOT}/poll.js"

因为我正在使用 Socket.IO 并且需要使用 Flash Sockets（这需要 Node.js 以 root 身份运行））。

但是，每当我启动 God 时，它都无法启动节点。我尝试使用 sudo 运行 God，不使用 sudo，作为 rvmsudo （因为我使用 RVM 来管理我的计算机上的 ruby 版本）似乎没有什么可以解决这个问题。有人知道在 God 中使用 sudo 运行进程的方法吗？

谢谢。

原文

I need to start a Node.js server as the root user (using sudo) with a start param that looks like:

w.start = "sudo node #{KTHXBYE_NODE_ROOT}/poll.js"

As I am using Socket.IO and need the use of Flash Sockets (which requires Node.js to be run as root).

However, whenever I startup God, it fails to start node. I've tried running God with sudo, without sudo, as rvmsudo (as I'm using RVM to manage ruby version on my machine) and nothing seems to fix it. Anyone know of a way to run processes with sudo in God?

Thanks.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

那请放手 2024-10-03 09:13:56

这是我使用“god”运行node.js服务器的最小配置文件：

APP_ROOT = "/home/sphynx/app"                   # application root

God.pid_file_directory = "#{APP_ROOT}/pids"     # directory to store PID files

God.watch do |w|
    w.name = "chapayev"
    w.interval = 5.seconds # default
    w.start = "env node #{APP_ROOT}/server.js"  # path to node.js server file
    w.stop = "env killall node"                 # stopping node explicitly
    w.start_grace = 10.seconds
    w.restart_grace = 10.seconds            
    w.log = "#{APP_ROOT}/log/chapayev.log"      # to enable logging

    w.start_if do |start|                       # start if condition is met
      start.condition(:process_running) do |c|  # check if process is running
        c.interval = 5.seconds
        c.running = false
      end
    end
end

如果尚未启动，它会自动启动node.js，并使用内部“god”守护进程方式。

确保您的配置中有“start_if”部分，它定义了启动受监控进程的条件。这里我们有一个在进程没有运行时启动的条件，这正是我们所需要的！

至于“sudo”权限：我认为没有必要在你的上帝配置“启动”命令中包含 sudo 。您可能更愿意使用 sudo “god” 本身进行调用，然后它也会使用 sudo 运行受监视的进程。例如，我正在使用以下命令测试“god”配置：

sudo god -c conf/chapayev.god -D

（-D 用于在控制台中打印输出以立即查看所有配置错误）

有关更多详细信息，请查看这篇文章：
http://blog.acmarques.com/deploying_node_with_nginx_and_god

Here is my minimal config file for running node.js server with "god":

APP_ROOT = "/home/sphynx/app"                   # application root

God.pid_file_directory = "#{APP_ROOT}/pids"     # directory to store PID files

God.watch do |w|
    w.name = "chapayev"
    w.interval = 5.seconds # default
    w.start = "env node #{APP_ROOT}/server.js"  # path to node.js server file
    w.stop = "env killall node"                 # stopping node explicitly
    w.start_grace = 10.seconds
    w.restart_grace = 10.seconds            
    w.log = "#{APP_ROOT}/log/chapayev.log"      # to enable logging

    w.start_if do |start|                       # start if condition is met
      start.condition(:process_running) do |c|  # check if process is running
        c.interval = 5.seconds
        c.running = false
      end
    end
end

It starts node.js automatically if it has not been started yet, and uses internal "god" daemonization means.

Make sure that you have "start_if" part in your config, which defines a condition for starting the monitored process. Here we have a condition to start if the process is not running, exactly what we need!

As about "sudo" privileges: I think there is no need to include sudo in your god config "start" command. You may rather invoke with sudo "god" itself, then it will run monitored processes with sudo as well. For example I'm testing "god" config with the following command:

sudo god -c conf/chapayev.god -D

(-D for printing the output in console to see all the configuration mistakes immediately)

For more details please take a look on this post:
http://blog.acmarques.com/deploying_node_with_nginx_and_god

回复收藏 0 原文

橪书 2024-10-03 09:13:56

使用 Web 服务器（例如 nginx）来服务器 flash 套接字策略文件不是更好吗？

server { 
    listen 843; 
    server_name {{ SERVER_NAME }} www.{{ SERVER_NAME }}; 
    location / { 
        root {{ PATH_TO_FOLDER_WITH_crossdomain.xml_FILE }}; 
        autoindex off; 
    } 
}

和 crossdomain.xml 文件（将 * 替换为正确的值）：

<cross-domain-policy> 
     <allow-access-from domain="*" to-ports="*" /> 
</cross-domain-policy>

这样节点就不必使用 sudo 启动。我认为这更容易、更安全。以 root 身份运行时，节点创建的文件所有权也可能存在问题。

如果节点以 root 身份启动，最好对其进行 chroot 或在端口绑定后更改 UID。

Isn't it better to server flash socket policy file with web server, e.g. nginx?

server { 
    listen 843; 
    server_name {{ SERVER_NAME }} www.{{ SERVER_NAME }}; 
    location / { 
        root {{ PATH_TO_FOLDER_WITH_crossdomain.xml_FILE }}; 
        autoindex off; 
    } 
}

and crossdomain.xml file (replace * with proper values):

<cross-domain-policy> 
     <allow-access-from domain="*" to-ports="*" /> 
</cross-domain-policy>

This way node wouldn't have to be started with sudo. This is easier and more secure in my opinion. There can also be issues with files ownership created by node when running as root.

If node is started as root it's good to chroot it or to change UID after port binding.

回复收藏 0 原文

~没有更多了~