I seem to be having trouble figuring out why supervisord won't run as a non-root user. If I start it with the user set to jason (pid 1000), I get the following in the log file:
2010-05-24 08:53:32,143 CRIT Set uid to user 1000
2010-05-24 08:53:32,143 WARN Included extra file "/home/jason/src/tsched/celeryd.conf" during parsing
2010-05-24 08:53:32,189 INFO RPC interface 'supervisor' initialized
2010-05-24 08:53:32,189 WARN cElementTree not installed, using slower XML parser for XML-RPC
2010-05-24 08:53:32,189 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2010-05-24 08:53:32,190 INFO daemonizing the supervisord process
2010-05-24 08:53:32,191 INFO supervisord started with pid 3444
...then the process dies for some unknown reason. If I start it without sudo (under the user jason), I get similar output:
2010-05-24 08:51:32,859 INFO supervisord started with pid 3306
2010-05-24 08:52:15,761 CRIT Can't drop privilege as nonroot user
2010-05-24 08:52:15,761 WARN Included extra file "/home/jason/src/tsched/celeryd.conf" during parsing
2010-05-24 08:52:15,807 INFO RPC interface 'supervisor' initialized
2010-05-24 08:52:15,807 WARN cElementTree not installed, using slower XML parser for XML-RPC
2010-05-24 08:52:15,807 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2010-05-24 08:52:15,808 INFO daemonizing the supervisord process
2010-05-24 08:52:15,809 INFO supervisord started with pid 3397
...and it still doesn't run. If it's any help, here's the supervisord.conf file I'm using:
[unix_http_server]
file=/tmp/supervisor.sock ; path to your socket file
[supervisord]
logfile=./supervisord.log ; supervisord log file
logfile_maxbytes=50MB ; maximum size of logfile before rotation
logfile_backups=10 ; number of backed up logfiles
loglevel=debug ; info, debug, warn, trace
pidfile=./supervisord.pid ; pidfile location
nodaemon=false ; run supervisord as a daemon
minfds=1024 ; number of startup file descriptors
minprocs=200 ; number of process descriptors
user=jason ; default user
childlogdir=./supervisord/ ; where child log files will live
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///tmp/supervisor.sock ; use unix:// schem for a unix sockets.
[include]
# Uncomment this line for celeryd for Python
files=celeryd.conf
# Uncomment this line for celeryd for Django.
;files=django/celeryd.conf
...and here's celeryd.conf:
[program:celery]
command=bin/celeryd --loglevel=INFO --logfile=./celeryd.log
environment=PYTHONPATH='./tsched_worker',
JIVA_DB_PLATFORM='oracle',
ORACLE_HOME='/usr/lib/oracle/xe/app/oracle/product/10.2.0/server',
LD_LIBRARY_PATH='/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/lib',
TNS_ADMIN='/home/jason',
CELERY_CONFIG_MODULE='tsched_worker.celeryconfig'
directory=.
user=jason
numprocs=1
stdout_logfile=/var/log/celeryd.log
stderr_logfile=/var/log/celeryd.log
autostart=true
autorestart=true
startsecs=10
; Need to wait for currently executing tasks to finish at shutdown.
; Increase this if you have very long running tasks.
stopwaitsecs = 600
; if rabbitmq is supervised, set its priority higher
; so it starts first
priority=998
Can anyone help me figure out what's going on?
Try commenting out this param. If you don't specify a user, it should run with the same user id that started the process.
I'm very new to supervisor myself but I'm also trying to get it working with celeryd. For now I'm happy for supervisord to be running as root as it's being run with an init.d script, mind.
Anyway have a look at the log and error log files for supervisord. What's in there? On Ubuntu 10.10 they're in
/var/log/supervisor/supervisord.log. You can peer at using the command 'maintail' in supervisorctl.Perhaps somewhat unrelated but make sure you don't make the same mistake as I did. I had a bunch of directories and files (log files) that I was trying to use as non-root that had accidentally already been owned by root thus making it impossible to continue supervisord as non-root. Blogged about it here