Justin Meltzer asked:
So I’m trying to run Supervisor (http://supervisord.org/) as a non-root user. However the process outputs logs to the
/var/log directory which is owned by root and has 755 permissions. Therefore starting the process as a non-root user throws a permission denied error. What is a best practice for solving this issue? One idea I have is to recursively change the group of the
/var directory to that of the user which is starting the supervisor process, and giving the
/var directory 775 permissions. Is this acceptable from a security standpoint?
user= directive in
supervisord.conf, so that supervisord starts as root, does any necessary opening of files, and then drops privileges.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.