Run redishappy-consul-service as redishappy:haproxy (instead of root:root) when using Upstart

mdevilliers / redishappy

Redis Sentinel high availabillity daemon

Apache License 2.0

114 stars 23 forks source link

Run redishappy-consul-service as redishappy:haproxy (instead of root:root) when using Upstart #33

Closed dominics closed 9 years ago

dominics commented 9 years ago

Tentative fix for #31 - haven't personally built a .deb with it yet.

dominics commented 9 years ago

In one of those commits, I say it's 'standard' for /etc/foo dirs to be world-readable and executable(/traversable), but that's just going by a quick ls -l on my system - I couldn't find the Debian packaging documentation about it.

A more hardened version would be to keep them readable only by the redishappy user. It'd require a quick change to the postinstall. But I really don't see the harm (unless you require a password to access your Redis/Sentinel instance, I guess?)

dominics commented 9 years ago

One small build fix attached that you may want to merge either way :D

mdevilliers commented 9 years ago

Hey Dominic, Thanks for looking at this - look good.

The only tweak I want to make is make the user/group redishappy/redishappy.

Thanks again,

Mark