search

pythonindia / magudi

Salt stack based config for Python India servers
https://in.pycon.org
5 stars 9 forks source link

Separate user for junction #2

Closed kracekumar closed 8 years ago

kracekumar commented 9 years ago

As of now junction is deployed as root. It is not good practice, we should have separate user junction for running provision and junction user should be sudoable.

@vigneshsarma Thoughts ?

atyagi1024 commented 8 years ago

In my opinion, deploying the application as root is not a problem. Application should not 'run' as root. I can see both 'junction' and 'wye' are using the user 'app' while starting the application. This is be okay.

One suggestion though. If 'junction' and 'wye' are two different projects I would suggest we use two different users for running the daemons. Two different machine is even better from security point of view.

kracekumar commented 8 years ago

Yes, you're right. Two projects are hosted in different machines.

On Sat, Dec 19, 2015 at 12:46 PM, Atul Tyagi notifications@github.com wrote:

In my opinion, deploying the application as root is not a problem. Application should not 'run' as root. I can see both 'junction' and 'wye' are using the user 'app' while starting the application. This is be okay.

One suggestion though. If 'junction' and 'wye' are two different projects I would suggest we use two different users for running the daemons. Two different machine is even better from security point of view.

— Reply to this email directly or view it on GitHub https://github.com/pythonindia/magudi/issues/2#issuecomment-165956405.

Regards Kracekumar Ramaraj http://kracekumar.com