We are deploying our rails app on a ubuntu 10.04 server. When cap deploy:setup, there is a error saying that:
* executing "mkdir -p /vol/www/myapp /vol/www/myapp/releases /vol/www/myapp/shared /vol/www/myapp/shared/system /vol/www/myapp/shared/log /vol/www/myapp/sha
red/pids"
servers: ["11.15.69.45"]
Password:
[11.15.69.245] executing command
*** [err :: 11.15.69.45] mkdir: cannot create directory `/vol/www/myapp/releases'
the output of ls -ld /vol/www is:
drwxr-xr-x 3 root root 4096 2011-11-22 04:35 /vol/www
What kind of additional rights do we need to assign on the web server and which subdir those rights need to be assigned to?
答え1
There seems to be some confusion about your problem here. Andrew's answer addresses the issue, "does the web server have the proper permissions to write to the directly you're deploying to?"
However, you're actually having problems at an earlier stage: deploying your code to the server. At this phase, it doesn't matter so much whether the web server can write to /vol/www, but whether the user you're connecting as when you deploy the code has permissions to write to that directory.
Andrew's solution still basically applies, but slightly differently.
I'd recommend one of the following approaches:
Since you've already set up
/vol/www
to be group-writable by thewww-data
group, you can just add your user to that group:sudo usermod -aG www-data your-username
Or, you can make yourself the owner and give yourself access that way. Since you've already set up group access for the web server, changing the directory's owner shouldn't cause problems down the line.
sudo chown your-username /vol/www
Either of those options should give your user the proper access to deploy the code, and also preserve the web server's access to that directory.
答え2
The web server user in Ubuntu is www-data (unless you're running with mod_suexec). So www-data needs write permission on /vol/www. One way to do it is by making www-data the owner:
chown www-data /vol/www
Or you could use group ownership and permissions:
chgrp www-data /vol/www
chmod g+w /vol/www
A third way is with ACLs:
setfacl -m u:www-data:rwx /vol/www
getfacl /vol/www # to see the ACL grant