Deploying with capistrano does ignore group settin

2019-04-08 05:48发布

问题:

In my deploy-file I set the group to www-data:

set :user,            "root"
set :group,           "www-data"

so when using cap:setup I expected capistrano to chown the folders with root:www-data

But all folders and files are root:root.

Any ideas where this problem could come from?

Information: I'm Using system-wide-rvm.

回答1:

as for my understanding you should do it manually, what setup does is to use the user to login, not to set the rights to directory.

I have found no group setting for capistrano, maybe you were using some extensions for it?

What you could do to change it could be:

after "deploy:setup", :setup_group
task :setup_group do
  run "chown -R :#{group} #{deploy_to} && chmod -R g+s #{deploy_to}"
end

But in first place you should not use root for deployment, as @Julian mentions in comment better practice is to use separate user for this task and set his group to proper group, then it will not require the above task and will work automatically.



回答2:

Just chiming in: there is no mention of :group in Capistrano source code whatsoever. I suppose it's a cargo cult option. And the :user option is only used for the SSH connection.

As to your question, directories and files that Capistrano creates are created with the default permissions, it never chowns them in any way; if you're deploying as root then they will belong to root:root.



回答3:

Better than fixing an issue is not having it in the first place:

  1. First, create another user to deploy with (as Julien suggests).
    Say we call him deployer.
  2. Then use him for the SSH connection
    set :user, 'deployer'
  3. Lastly, we don't want to be use sudo, so turn it off by adding
    set :use_sudo, false
    to your deploy.rb.