Object
This class and its members can be considered a stable interface and will not change in a backwards-incompatible fashion between releases of Unicorn. Knowledge of this class is generally not not needed for most users of Unicorn.
Some users may want to access it in the before_fork/after_fork hooks. See the Unicorn::Configurator RDoc for examples.
In most cases, you should be using the Unicorn::Configurator#user directive instead. This method should only be used if you need fine-grained control of exactly when you want to change permissions in your after_fork hooks.
Changes the worker process to the specified user and group This is only intended to be called from within the worker process from the after_fork hook. This should be called in the after_fork hook after any privileged functions need to be run (e.g. to set per-worker CPU affinity, niceness, etc)
Any and all errors raised within this method will be propagated directly back to the caller (usually the after_fork hook. These errors commonly include ArgumentError for specifying an invalid user/group and Errno::EPERM for insufficient privileges
# File lib/unicorn/worker.rb, line 73 73: def user(user, group = nil) 74: # we do not protect the caller, checking Process.euid == 0 is 75: # insufficient because modern systems have fine-grained 76: # capabilities. Let the caller handle any and all errors. 77: uid = Etc.getpwnam(user).uid 78: gid = Etc.getgrnam(group).gid if group 79: Unicorn::Util.chown_logs(uid, gid) 80: @tmp.chown(uid, gid) if @tmp 81: if gid && Process.egid != gid 82: Process.initgroups(user, gid) 83: Process::GID.change_privilege(gid) 84: end 85: Process.euid != uid and Process::UID.change_privilege(uid) 86: @switched = true 87: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.