apache user needs to be in the wheel group ?

[bozhinov]

The way I read it cloneos->cbsd_cmd needs to exec a command with elevated privs does that mean that the user that runs the apache httpd needs to be in the wheel group ?

[olevole]

In the current schema, the apache/httpd/nginx user must be a member of the cbsd group as it only interacts with cbsd commands.

This is an outdated scheme and the new implementation implies interaction through the api and the broker[1]. It will also make multi-mode installations much easier. However, this is a large refactoring that has not yet begun due to lack of human resources.

However, new functionality (for example, the planned Kubernetes module) will interact via the api, WIP.

__ [1] - https://www.bsdstore.ru/en/broker_driven_sample_ssi.html

[bozhinov]

good. cause the current code makes my skin crawl even if it is only to be run over the management lan

I could land a hand if you would accept it.

[olevole]

@bozhinov I understand your pain ;-) and am very glad that the community is growing, because ClonOS is a large multi-component project. After some refactoring of the backend and finalizing api (wip) on my part, we can start this work. I am currently testing several PoC (proof-of-concept) multi-node pool-binded APIs based on beanstalkd/RMQ

[olevole]

[bozhinov]

Nice! ok so what's with the Go, Python, PHP and the number of database engines in use ?