suexec conflicts with web server user

#1
1) Rails processes run as the owner of the public directory. Since I use Capistrano to release, this can't be the 'nobody' user since it's launched via ssh and svn, which checks out as the currently running user.

There doesn't appear to be any way to change this...

1a) With lighttpd I'd changed the 'log' directory to be world writeable, so the web server+rails processes could access it.

2) LiteSpeed should run with a user that doesn't have an ssh shell.

3) When people upload images, they're owned by the rails process owner 'rails', but then can't be read by the webserver because it's 'nobody'.

4) I tried adding 'rails' to the 'nobody' group, but saved files are created as chmod 500 or whatever, so group still has no access.

I'd really like a way to force rails to use the 'nobody' group even though the public directory is owned by someone else.

Any ideas?
 

mistwang

LiteSpeed Staff
#2
To run the setuid process with a fixed GID, rather than following the GID of the public folder, try the "Force GID" option under the "Server" -> "Security" tab. The UID still follows that of the public folder.

LiteSpeed provides all the flexibility; you should be able to find a good security model which fits your needs. :)
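
An added example, not part of the original thread and not LiteSpeed code: a small Python model of the POSIX read check, showing that an upload becomes readable to the web server only when both the file's group and its mode line up. The UID/GID numbers, the 0666 requested mode and the umask values are constructed assumptions.

```python
import stat

# Constructed IDs for illustration; real values come from /etc/passwd and /etc/group.
RAILS_UID, RAILS_GID = 1001, 1001
NOBODY_UID, NOBODY_GID = 99, 99

def can_read(mode, file_uid, file_gid, proc_uid, proc_gids):
    """POSIX read check: exactly one class applies, owner, then group, then other."""
    if proc_uid == file_uid:
        return bool(mode & stat.S_IRUSR)
    if file_gid in proc_gids:
        return bool(mode & stat.S_IRGRP)
    return bool(mode & stat.S_IROTH)

def upload_readable_by_web(app_egid, requested_mode, umask):
    """Model one upload written by the Rails process, then read by the web server.

    Assumes the new file takes the creating process's effective GID
    (no setgid bit on the upload directory) and mode = requested & ~umask.
    """
    mode = requested_mode & ~umask
    return can_read(mode, RAILS_UID, app_egid, NOBODY_UID, {NOBODY_GID})

SCENARIOS = {
    # GID follows the public folder's owner: the file is rails:rails.
    "gid follows public folder, mode 0600": (RAILS_GID, 0o666, 0o077),
    # A fixed GID alone is not enough if the mode still masks out group read.
    "fixed GID nobody, mode 0600": (NOBODY_GID, 0o666, 0o077),
    # Fixed GID plus a umask that leaves group read: rails:nobody 0640.
    "fixed GID nobody, mode 0640": (NOBODY_GID, 0o666, 0o027),
}

def run():
    """Evaluate every scenario and return {name: readable_by_web_server}."""
    return {name: upload_readable_by_web(*args) for name, args in SCENARIOS.items()}

if __name__ == "__main__":
    for name, ok in run().items():
        print(f"{'readable' if ok else 'DENIED  '}  {name}")
```
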
 