Recently, my colleague at Arkency Paweł Pacana wanted to manage application process with upstart. He started with the previous article about upstart and finished with robust deployment configuration with reliable setup using… runit. He summarised upstart briefly: “so sudo” so I decided to extend my latest blogpost with some information about upstart user jobs.
Although I am glad that my article was inspiring, it turned out not to be comprehensive enough. I decided to extend it, so that anyone can use
upstart in every environment.
Where’s the problem?
Last time we managed to run our job in a way that the
sudo privileges to manage the application. However the user should be able to do all that without the root permissions. The whole reason for having the deployer user is to manage his own application without any additional requirements.
In regular way upstart keeps all of the
.conf files in
We need to change it now to user own (home) directory,
mkdir ~/.init mv /etc/init/my_application.conf ~/.init
Enabling user jobs
We have to modify upstart configuration to be able to run user jobs. Open it with your favourite text editor:
To support fully functionality it should look like:
<policy context="default"> <allow send_destination="com.ubuntu.Upstart" send_interface="org.freedesktop.DBus.Introspectable" /> <allow send_destination="com.ubuntu.Upstart" send_interface="org.freedesktop.DBus.Properties" /> <allow send_destination="com.ubuntu.Upstart" send_interface="com.ubuntu.Upstart0_6" /> <allow send_destination="com.ubuntu.Upstart" send_interface="com.ubuntu.Upstart0_6.Job" /> <allow send_destination="com.ubuntu.Upstart" send_interface="com.ubuntu.Upstart0_6.Instance" /> </policy>
Once you’ve modified your upstart job you need to restart dbus the last time using
sudo service dbus restart
When we move
~/.init, upstart will no longer log its output, so you won’t be able to see any errors, we need to modify
So there are a few changes we need to add to get
my_program.conf working right:
#~/.init/my_program.conf # append path to your other executables: env PATH=/var/www/myprogram.com/current/bin:/usr/local/rvm/wrappers/my_program/ setuid deployer chdir /var/www/myprogram.com pre-start script exec >/home/deployer/my_program.log 2>&1 end script
Remember to update your
my_program.conf, forward output to
.log file and set user name before process run.
If you have user belonging to some group, you’ll have to define this group in
my_program.conf too as
setgid GROUP_NAME. See more about that:
Now you will be able to
start my_program without appending