Changes between Version 5 and Version 6 of UserGuide/Service/Upstart


Ignore:
Timestamp:
05/01/2012 02:00:45 AM (12 years ago)
Author:
kit
Comment:

Big changes: New section on user management. New defaults for umask and chmod octal values. Lots more explanations and some more examples. Prefixed commands with #s. Some minor clean up.

Legend:

Unmodified
Added
Removed
Modified
  • UserGuide/Service/Upstart

    v5 v6  
    22 
    33[[PageOutline(2-10,Ubuntu Upstart Job)]] 
    4 Based on the previous Ubuntu scripts [http://dev.deluge-torrent.org/wiki/UserGuide/InitScript/Ubuntu/ here]. 
     4Based on the previous Ubuntu init script [http://dev.deluge-torrent.org/wiki/UserGuide/InitScript/Ubuntu/ here]. 
     5=== Notes === 
     6 * Seems to work for me, please update this guide if you can improve it. 
    57 
    6 === Notes === 
    7  * This seems to work for me. 
    8  * I can't remember if I manually created the deluge user first, you may need to. 
    9  * Please update this guide if you can improve it. 
     8== User Management == 
     9This guide assumes you have a user and group account specifically for running Deluge as.[[br]]If not, you may need to create them using something like the following command: 
     10{{{ 
     11# sudo adduser --system --group --home /var/lib/deluge deluge 
     12}}} 
     13 * Assuming the user and group didn't already exist, this creates a new system user and group named deluge with no login access and /var/lib/deluge as the home directory. 
     14 
     15Add any users you wish to be able to easily manage or access files downloaded through Deluge to the group deluge will run as, for example: 
     16{{{ 
     17# sudo adduser <username> deluge 
     18}}} 
    1019 
    1120== Upstart Jobs == 
    12 Put this in /etc/init/deluge.conf and set uid and gid to the user and group you wish to run deluge as: 
     21'''Put this in /etc/init/deluge.conf and set uid and gid to the user and group you wish to run Deluge as:''' 
    1322{{{ 
    1423start on (filesystem and networking) or runlevel [2345] 
     
    1726env uid=deluge 
    1827env gid=deluge 
    19 env umask=000 
     28env umask=007 
    2029 
    2130exec start-stop-daemon -S -c $uid:$gid -k $umask -x /usr/bin/deluged -- -d 
    2231}}} 
     32 * Warning: You may wish to modify the above umask as it affects new files downloaded through deluge after it is started with this upstart job. 
     33  * 007 grants full access to the user and members of the group Deluge is running as (in this case deluge) and prevents access from all other accounts. 
     34  * 022 grants full access to the user Deluge is running as and only read access to other accounts. 
     35  * 000 grants full access to all accounts.[[br]]Refer to [http://en.wikipedia.org/wiki/Umask#Octal_umasks Wikipedia] for details of possible values and their effects. 
     36 If you experiment with different values, Deluge must be stopped and started instead of just restarted after changes, as described later in this page.[[br]]If you enable logging, as described later in this page, the umasks specified here also affect the permissions of newly created logs. 
    2337 
    24 This should be placed in /etc/init/deluge-web.conf, remember to set uid and gid to your preference: 
     38'''Put this in /etc/init/deluge-web.conf, remember to set uid and gid to your preference:''' 
    2539{{{ 
    2640start on started deluge 
     
    2943env uid=deluge 
    3044env gid=deluge 
     45env umask=027 
    3146 
    32 exec start-stop-daemon -S -c $uid:$gid -x /usr/bin/deluge-web 
     47exec start-stop-daemon -S -c $uid:$gid -k $umask -x /usr/bin/deluge-web 
    3348}}} 
    34  * Note: The above umasks grants all users of your system full access to your downloads. 
    35  * Refer to [http://en.wikipedia.org/wiki/Umask#Octal_umasks Wikipedia] for a primer on possible values and their effects. 
     49 * Note: The use of a umask with deluge-web is believed to only affect the permissions of plugin scripts installed through the web UI and, if you enable logging, deluge-web logs. 
     50  * 027 grants full access to the user deluge is running as, read access to members of the group that deluge is running as and prevents access from all other accounts.[[br]]Group permission was restricted to read only in order to prevent the possibility that compromised member accounts could inject malicious code in to plugins or modify the log. 
    3651 
    3752==== Migration ==== 
    3853If you followed the old guide to make an init script, remove it: 
    3954{{{ 
    40 sudo /etc/init.d/deluge-daemon stop 
    41 sudo rm /etc/init.d/deluge-daemon 
    42 sudo update-rc.d deluge-daemon remove 
     55# sudo /etc/init.d/deluge-daemon stop 
     56# sudo rm /etc/init.d/deluge-daemon 
     57# sudo update-rc.d deluge-daemon remove 
    4358}}} 
    4459 
    45 ==== Start deluge ==== 
     60==== Starting (and stopping) Deluge ==== 
    4661{{{ 
    47 sudo start deluge 
     62# sudo start deluge # and stopping: # sudo stop deluge 
    4863}}} 
    4964 
    5065==== Web UI ==== 
    51  * To prevent the web-ui starting automatically after deluge, just remove the 'start on' line from deluge-web.conf or comment it out by adding a # before it.[[BR]]The web-ui can then be started (and stopped) manually with: 
     66 * To prevent the web UI starting automatically after Deluge, just remove the 'start on' line from deluge-web.conf or comment it out by adding a # before it.[[BR]]The web UI can then be started (and stopped) manually with: 
    5267{{{ 
    53 sudo start deluge-web # sudo stop deluge-web 
     68# sudo start deluge-web # and stopped with: # sudo stop deluge-web 
    5469}}} 
    5570 
    5671 
    5772== Logging == 
    58 Create a structure for deluge to log to: 
     73Create a structure for Deluge to log to and give the user that Deluge is running as (in this case deluge) full access to that directory: 
    5974{{{ 
    60 sudo mkdir -p /var/log/deluge 
     75# sudo mkdir -p /var/log/deluge 
     76# sudo chown -R deluge:deluge /var/log/deluge 
     77# sudo chmod -R 750 /var/log/deluge 
    6178}}} 
    62 Give the user that deluge is running as (in this case deluge) write-access to the logs: 
    63 {{{ 
    64 sudo chmod -R 755 /var/log/deluge 
    65 sudo chown -R deluge /var/log/deluge 
    66 }}} 
    67 Edit the init confs like so: 
     79 * Note: The previous commands affect the log directory and all files within it.[[br]]However, as already mentioned, the umask specified in the upstart jobs at the top of this page affect the permissions new logs are created with. 
     80  * 750 grants full access to the deluge user, only recurse tree and read access to members of the deluge group and prevents access from all other accounts.[[br]]Refer to [http://en.wikipedia.org/wiki/Chmod#Octal_numbers Wikipedia ] for details of possible values and their effects. 
     81 
     82Edit the upstart job confs like so: 
    6883{{{ 
    6984exec start-stop-daemon -S -c $uid:$gid -k $umask -x /usr/bin/deluged -- -d -l /var/log/deluge/daemon.log -L warning 
     
    7287exec start-stop-daemon -S -c $uid:$gid -x /usr/bin/deluge-web -- -l /var/log/deluge/web.log -L warning 
    7388}}}  
    74  * Refer to [wiki:Faq#EnableDelugeLogging FAQ] for possible log-levels. 
     89 * Refer to the [wiki:Faq#EnableDelugeLogging FAQ] for possible log-levels. 
    7590 
    7691Restart the daemon: 
    7792{{{ 
    78 sudo restart deluge 
     93# sudo restart deluge 
    7994}}} 
    8095