#107 new
Mina Naguib

Permissions too restrictive on single socket

Reported by Mina Naguib | August 10th, 2009 @ 02:50 PM | in Future

When a single thin is started with the --socket option:

thin --socket /tmp/app1.thin.sock start
>> Using rails adapter
>> Thin web server (v1.2.2 codename I Find Your Lack of Sauce Disturbing)
>> Maximum connections set to 1024
>> Listening on /tmp/app1.thin.sock, CTRL+C to stop

The permissions on the socket are too restrictive to allow others to talk to it:

ls -la /tmp/app1.thin.sock
srwxr-xr-x 1 mina mina 0 Aug 10 14:47 /tmp/app1.thin.sock

Since nginx is not running as "mina", I need to manually relax the socket's permissions with chmod every time (give "w"rite to world).

Interestingly, thin started with multiple servers via --servers doesn't have this problem.

Comments and changes to this ticket

  • macournoyer

    macournoyer August 10th, 2009 @ 10:07 PM

    If you daemonize the process (-d option) it should work to.

    Why don't you daemonize it?

  • Mina Naguib

    Mina Naguib August 10th, 2009 @ 11:24 PM

    No reason, other that it wasn't part of usual flow (GNU screen/window 0=web server/easy restart via ctrl+c,up,enter)

    --daemonize appears to work. Thanks for the tip.

    Took me a while to figure it out though. If it's a trivial fix I think it might be worth addressing.

  • Mnemoc

    Mnemoc November 2nd, 2010 @ 06:44 PM

    • Milestone order changed from “0” to “0”

    In my case I don't daemonize because I supervise (using runit) the thin instances. The applications run as a user, and the webserver belongs to the group of each of those.

    Can you add an argument to set the permissions of the socket? I'm having to run a cron job each 1m to chmod g+w /var/run/thin-*.socket and to use a wrapper to send HUP to the daemon... but still I'm getting 502 errors logged from time to time. pretty frustrating.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

People watching this ticket