题
I am experiencing some problem with a gunicorn service, after stopping it I find requests are successfully serviced and doing a ps aux | grep python confirms the service is still running.
I searched around and found that many scripts are using user nobody nogroup.
in my case I had set the gunicorn script to use daemon user.
So my question is when should you use this user nobody as opposed to say using daemon user?
Thanks for your assistance and time.
解决方案
The 'nobody' user that's running the daemon has zero privileges on the machine. It's usually reserved for untrusted daemons like httpd, etc.
https://wiki.ubuntu.com/nobody
It's really just a convention for a user that has minimal permissions on the system so that if you get hacked, there is less potential for damage. This may or not be the case (lots of root escalations happen with the nobody user), but it's good best practice anyway.
https://stackoverflow.com/questions/22380498
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian