Welcome! Log In Create A New Profile

Advanced

Noobs questions about Nginx user...

Posted by Andrea 
Noobs questions about Nginx user...
June 06, 2009 04:07AM
Hi guys, i'm a designer that just started using webservers so sorry in advance for my stupid questions :)

I've installed Nginx on my server (Ubuntu 8.10), and everything is working fine, but in the config file i can see that nginx want an user named www-data... but my ubuntu doesn't have one...
Now my question is... even if everything is working fine without this user should i create one? And then? Should i give my Rails application folders permissions to this www-data user?
Is this very important and why? Or if everything is working (maybe nginx is using my andrea user?) fine i can leave the server as it is without www-data?

Thanks for helping a damsel in distress :)



Edited 5 time(s). Last edit at 06/06/2009 04:10AM by Andrea.
Re: Noobs questions about Nginx user...
June 06, 2009 09:47AM
If you installed a package then that package perhaps created the user "www-data"? From the command line you can run

[code]
# cat /etc/passwd | grep www-data
[/code]

to confirm there is such a user. If you already did that and I'm insulting your intelligence then I apologize. :)

You can also run

[code]
# ps -elf | grep nginx
[/code]

to see what user owns the nginx worker process(es).

In any event, it's not essential that you use that user. Nginx runs a master process and one or more workers. The master is started by and owned by root and the workers by whatever user is listed in nginx.conf. So you can edit as follows:


nginx.conf[code]
user andrea;
...
[/code]

If that line is commented out then nginx will use the "default" user. If you compile from source, then you can set the default user in the ./configure command:

[code]
./configure --user=andrea
[/code]

If none is set at compile time the default "default user" is "nobody". Again this can be overridden in nginx.conf.

It's not essential which user owns the worker process(es). If this is a home server then it's not a big issue issue. In a production environment on the Internet it is best to make it a non-priviliged user for security reasons.

--
Jim Ohlstein
Re: Noobs questions about Nginx user...
June 06, 2009 10:59AM
Hi Jim, thanks for your reply!
No, you haven't insulted my intelligence at all, infact the user www-data exists, my shame :)

I got this

[code]
andrea ~: cat /etc/passwd | grep www-data
www-data:x:33:33:www-data:/var/www:/bin/sh

andrea ~: ps -elf | grep nginx
1 S root 4945 1 0 80 0 - 1026 rt_sig 07:46 ? 00:00:00 nginx: master process /opt/nginx/sbin/nginx
5 S www-data 4946 4945 0 80 0 - 1067 ep_pol 07:46 ? 00:00:00 nginx: worker process
5 S www-data 4957 4945 0 80 0 - 1067 ep_pol 07:46 ? 00:00:00 nginx: worker process
5 S www-data 4958 4945 0 80 0 - 1067 ep_pol 07:46 ? 00:00:00 nginx: worker process
5 S www-data 4975 4945 0 80 0 - 1067 ep_pol 07:46 ? 00:00:00 nginx: worker process
0 R andrea 6639 6372 0 80 0 - 484 - 07:51 pts/1 00:00:00 grep nginx
[/code]

Now i have another noob question, everything is working fine, but my applications folders belongs to the user andrea... is this normal, why www-data work if the folder are owned by andrea? Should i give the application folders ownership and permissions to www-data or i can leave everything as it is (everything is working after all)?
It's for an home server now, but i want to learn the best as possibile :)

Thank you, and sorry for my english, i write from Italy :)
Re: Noobs questions about Nginx user...
June 06, 2009 11:54AM
Hi Andrea,

Your English is far superior to my Italian. :)

The nginx workers only need read access to your files so as long as permissions are set as 644 for files and 755 for directories then it will work fine. If your application requires files to be written then you need to either change the owner or the permissions.

--
Jim Ohlstein
Re: Noobs questions about Nginx user...
June 06, 2009 12:32PM
Thank you Jim!
Re: Noobs questions about Nginx user...
June 07, 2009 10:16AM
I have two new questions... i hope you can still help me :)

1) What is the "use epoll" in the config? I searched on google, but i couldn't understand very well... i am on ubuntu and i'm using ruby on rails, should i leave this on?

2) To redirect the www and my other subdomains on my main domain i used rewrite rules like this
[code]server {
listen 80;
server_name www.domain1.com;
rewrite ^/(.*) http://domain1.com/$1 permanent;
}

server {
listen 80;
server_name domain1.com;
}
[/code]

But i've read that i can also doing something like this:
[code]
server {
listen 80;
server_name domain1.com www.domain.com test.domain.com;
}
[/code]

There are differences? Isin't the 2th version better?

Thanks as always :)



Edited 2 time(s). Last edit at 06/07/2009 10:18AM by Andrea.
Re: Noobs questions about Nginx user...
June 07, 2009 01:50PM
Andrea Wrote:
-------------------------------------------------------
> I have two new questions... i hope you can still
> help me :)
>
> 1) What is the "use epoll" in the config? I
> searched on google, but i couldn't understand very
> well... i am on ubuntu and i'm using ruby on
> rails, should i leave this on?

For a home testing server it doesn't much matter. There are various "event-models" by which (as I understand it - I am not a C programmer) nginx passes events to the operating system kernel. This is either defined at configure time or nginx will find the most suitable method based on your operating system. For modern Linux kernels such as you are using, epoll is best.

>
> 2) To redirect the www and my other subdomains on
> my main domain i used rewrite rules like this
> server {
> listen 80;
> server_name www.domain1.com;
> rewrite ^/(.*) http://domain1.com/$1
> permanent;
> }
>
> server {
> listen 80;
> server_name domain1.com;
> }
>
>
> But i've read that i can also doing something like
> this:
>
> server {
> listen 80;
> server_name domain1.com www.domain.com
> test.domain.com;
> }
>
>
> There are differences? Isin't the 2th version
> better?
>
> Thanks as always :)


The way I redirect is:

[code]
server {
listen 80;
server_name myhost.com;
...
}

server {
listen 80;
server_name www.myhost.com;
rewrite ^ http://myhost.com$request_uri? permanent;
}
[/code]

That's what was suggested by Igor (nginx developer) so that's what I use.

--
Jim Ohlstein
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 86
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready