I want to my Mojolicious::Lite that is started under root using hypnotoad to run under a different user/group (foobar/foobar in the below example).
I'm using the following configuration call:
app->config(
hypnotoad => {
listen => ["http://*:$API_Port"],
user => 'foobar',
group => 'foobar',
proxy => 1,
}
);
Unfortunately, it appears that all children still run under root, and any files created in routes also use the root and 0644 instead of the foobar and 0664.
The docs for hypnotoad appear to be rather sparse, as the only reference I could find to changing the user/group thus far are in a github issue: https://github.com/kraih/mojo/issues/733
The cpan module, Mojolicious::Plugin::SetUserGroup, appears to solve this:
# Mojolicious::Lite
plugin SetUserGroup => { user => $user, group => $group };
I got the simple solution! Just edit your Systemd Unit file and add two options: User and Group...
Example:
[Unit]
Description=My Perl service
Requires=network.target
After=network.target
# put here other service requirements
[Service]
User=testuser1
Group=testuser1
Type=simple
Restart=always
SyslogIdentifier=testperlservice
PIDFile=/home/testuser1/tmp/testperlservice.pid
ExecStart=/usr/local/bin/hypnotoad /home/testuser1/script/test -f
ExecStop=/usr/local/bin/hypnotoad -s /home/testuser1/script/test
ExecReload=/usr/local/bin/hypnotoad /home/testuser1/script/test
Related
I have a script that connects to an SFTP server with the following code:
use Net::SFTP::Foreign;
my %cfg = (
user => "$user",
password => "$password",
port => 22,
more => [-o => 'StrictHostKeyChecking no']
);
my $sftp = Net::SFTP::Foreign->new("$host",%cfg);
I am using StrictHostKeyChecking to make sure the script automatically accepts the ssh key.
The issue begins when the server replaces the host key with new one. I get the error: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
So I have to manually remove the key by running ssh-keygen -R testserver.com
After that the script works fine again.
I am trying to find a way to autmatically replace the key if it changes.
Technically I can run ssh-keygen -R testserver.com every time the script runs, but I do not like that solution.
So far I am not able to a good automated way to replace the key.
Add another option that points UserKnownHostsFile to /dev/null should do the trick, not that it's recommend from security perspective ;-)
use Net::SFTP::Foreign;
my %cfg = (
user => "$user",
password => "$password",
port => 22,
more => [-o => 'StrictHostKeyChecking=no',
-o => 'UserKnownHostsFile=/dev/null']
);
my $sftp = Net::SFTP::Foreign->new("$host",%cfg);
i ran into a problem that seems to be a bug in selenium but maybe someone can hint me to a solution anyway.
A similar question has been asked 11 months ago see: How can I change logfile path of phantomjs with selenium?
but it was not solved.
I'm using Selenium::Remote::Driver in Perl to connect to selenium. My code looks like this:
my $driver = new Selenium::Remote::Driver(
'remote_server_addr' => 'localhost',
'port' => "4444",
'browser_name' => 'phantomjs',
extra_capabilities => {
'phantomjs.cli.args' => ['--webdriver-logfile=/tmp/phantomjsdriver.log']
}
);
I found out that the phantomjs devs have integrated the parameter phantomjs.cli.args to pass parameters through to phantomjs. The parameters show up but unfortunately are added to the default parameters.
See the logfile of selenium:
10:20:29.207 INFO - Creating a new session for Capabilities [{platform=ANY, javascriptEnabled=true, acceptSslCerts=true, phantomjs.cli.args=[--webdriver-logfile=/tmp/phantomjsdriver.log], browserName=phantomjs, version=}]
10:20:29.208 INFO - executable: /usr/local/node/bin/phantomjs
10:20:29.208 INFO - port: 5710
10:20:29.208 INFO - arguments: [--webdriver-logfile=/tmp/phantomjsdriver.log, --webdriver=5710, --webdriver-logfile=/phantomjsdriver.log]
10:20:29.208 INFO - environment: {}
PhantomJS is launching GhostDriver...
Unable to open file '/phantomjsdriver.log'
On the 4th line you can see that my argument was passed but the default '--webdriver-logfile=/phantomjsdriver.log' is also part of the arguments.
I tried also to set the loglevel to NONE but it tries to open the logfile anyways.
Lastly i tried to start phantomjs with a config file but i couldn't figure out the config option for the logfile and i'm not sure that would help.
My selenium server runs as a daemon if that is important.
Any help is appreciated!
Have a nice day
Have you tried using new_from_caps method for full control of your driver instance? Using this option no defaults are assumed by the constructor.
e.g.
my $driver = Selenium::Remote::Driver->new_from_caps(
desired_capabilities => {
'browserName' => 'phantomjs',
'phantomjs.cli.args' => ['--webdriver-logfile=/tmp/phantomjsdriver.log']
}
);
See doc here: https://metacpan.org/pod/Selenium::Remote::Driver#new_from_caps
I want to copy the file from remote host to the local host with the preservation of file permission, hence i tried to use the 'copy_perm' option as per the documentation of Net::SFTP::Foreign as mentioned below -
my $sftp = Net::SFTP::Foreign->new(
host => $host,
key_path => $ssh_key_path,
copy_perm => 1,
more => [ -o => 'Compression yes' ]
);
But I am getting the below error -
Invalid option 'copy_perm' or bad combination of options at test.pl at line 101.
The line 101 is the Net::SFTP::Foreign object creation as mentioned above.
Did i miss anything or anyone has faced same issue before?
That's because copy_perm isn't an option for the new method. You use it in get and put.
I am running Puppet v3.0 on RHEL 6 and am doing package management via the exec resource.
I would like to add a number of control gates into my manifest via onlyif and unless.
First I would like to use booleans as defined in Hiera [ auto lookup function ].
Secondly I would like to use booleans from a bash script running diff <() <().
Im using the following hiera data :
---
my-class::package::patch_now:
0
my-class::package::package_list:
acl-2.2.49-6.el6-x86_64
acpid-1.0.10-2.1.el6-x86_64
...etc
and my manifest are as follows :
# less package.pp
class my-classs::package(
$package_list,
$patch_now,
){
exec {'patch_packages':
provider => shell,
path => [ "/bin/", "/usr/bin/" ],
logoutput => true,
timeout => 100,
command => "yum update -e0 -d0 -y $package_list",
unless => "/path/to/my-diff.script 2>&1 > /dev/null",
onlyif => "test 0 -eq $patch_now",
}
}
How would I test the booleans (0|1) from Hiera and a CLI diff.script with unless and onlyif in the context above ?
I'm assuming that you mean to install all listed packages in one sweep if $patch_now is set.
You should not test for that using onlyif. That is meant to verify some state on the agent system. If the master is aware of your data, you should use conditionals in the manifest structure.
if $patch_now {
exec { ... }
}
But do use true and false instead of 1 and 0 as the value for the flag - both 1 and 0 are equal to true in boolean context!
Your YAML looks funny, anyway.
To define a single value:
my-class::package::patch_now: false
To define an array:
my-class::package::package_list:
- acl-2.2.49-6.el6-x86_64
- acpid-1.0.10-2.1.el6-x86_64
- ...
When you use the array in your class, you cannot just put it in a string such as "yum update -e0 -d0 -y $package_list", for that will expand to "yum update -e0 -d0 -y acl-2.2.49-6.el6-x86_64acpid-1.0.10-2.1.el6-x86_64...", without spaces between the elements.
To concatenate the elements with spaces, use the join function from the stdlib
module.
$packages = join($package_list, ' ')
...
"yum update -e0 -d0 -y $packages"
I honestly don't get how your diff <() <() is supposed to work. The whole approach looks a little convoluted. I suspect that with a little tweaking, your diff script could probably perform the updates on its own (so that the exec just runs this script with different parameters).
EDIT after receiving more info in your comment.
To make this work cleanly, I recommend the following.
have Puppet transfer your Hiera data to the agent
file { '/opt/wanted-packages': content => inline_template('<%= package_list * "\n" %>') }
The diff will then work like you suggested, only simpler.
diff /opt/wanted-packages <(facter ...)
Just make sure that the exec requires the file and you should be fine.
my application root is /home/user/apps/learningcatalyst/CGAddressBook
in that folder I have a /mason folder where mason components are stored
my View is located in /lib/CGAddressBook/View where I have a few files called login_form and addressbook.
Couldn't render component "login_form" - error was "could not find component for initial path '/login_form' (component roots are: '/home/user/apps/learningcatalyst/CGAddressBook/lib/CGAddressBook/View')
is the error I get when trying to reach the site through Apache. My apache conf file is
PerlSwitches -I/home/user/apps/learningcatalyst/CGAddressBook/lib
PerlModule CGAddressBook
<Location /user_catalyst/>
SetHandler modperl
PerlResponseHandler CGAddressBook
</Location>
DocumentRoot /home/user/apps/learningcatalyst/CGAddressBook/root
<Location /user_catalyst/static>
SetHandler default-handler
</Location>
All folders are readable by user, its group, and other. The mason folder, where Mason is set to write its cache, is set to read, write, and execute by user, group, and other. Its owner is user.
I have restarted Apache to no avail, I have changed folder owners (and recursively) of both the /View and /mason.
The application works just fine when running script/cgaddressbook_server.pl -r -p3001 and I go to my site on port 3001.
The path to comp_root is meant to be the path to your template "components". You appear to be pointing it at the same directory as the "View" package. You "might" actually have the components there but that is not really a good practice.
The default location without specifying this should be the "root/comps" folder ( or something like that ) in your Catalyst project structure. One of my own samples is like this:
package SnakierTen::Web::View::HTML;
use Modern::Perl;
use Moose;
use MooseX::NonMoose;
extends 'Catalyst::View::Mason2';
around BUILDARGS => sub {
my ( $orig, $class, $c, #args ) = #_;
$class->config(
comp_root => $c->path_to( 'root' ),
data_dir => $c->path_to( 'data' ),
plugins => [
'TidyObjectFiles',
'HTMLFilters',
],
);
$class->$orig( $c, #args );
};
__PACKAGE__->meta->make_immutable;
no Moose;
1;
Aside from that, direct support of Mod Perl handlers is being deprecated in Catalyst core.
The favored method is to start the application under it's own PSGI compliant server and use a "front end" web server to "proxy" the requests to this application server.
Where you must run the application under a mod_perl environment, it is still recommended to run under a PSGI handler. There are some notes here that are a part of the documentation yet to be built on this. You can use the methods there to guide you in doing this.