@@ -1,5 +1,7 @@ *unreleased* +* Only make deploy:start, deploy:stop, and deploy:restart try sudo as :runner. The other sudo-enabled tasks (deploy:setup, deploy:cleanup, etc.) will now use the :admin_runner user (which by default is unset). [Jamis Buck] + * Make sure triggers defined as a block inherit the scope of the task they are attached to, instead of the task they were called from [Jamis Buck] * Make deploy:upload use the upload() helper for more efficient directory processing [Jamis Buck] CHANGELOG @@ -27,6 +27,8 @@ _cset :deploy_via, :checkout _cset(:deploy_to) { "/u/apps/#{application}" } _cset(:revision) { source.head } +_cset :runner_admin, nil + # ========================================================================= # These variables should NOT be changed unless you are very confident in # what you are doing. Make sure you understand all the implications of your @@ -94,10 +96,22 @@ end # another command, for executing that command as described below. # # If :run_method is :sudo (or :use_sudo is true), this executes the given command -# via +sudo+. Otherwise is uses +run+. Further, if sudo is being used and :runner -# is set, the command will be executed as the user given by :runner. -def try_sudo(command=nil) - as = fetch(:runner, "app") +# via +sudo+. Otherwise is uses +run+. If :as is given as a key, it will be +# passed as the user to sudo as, if using sudo. If the :as key is not given, +# it will default to whatever the value of the :admin_runner variable is, +# which (by default) is unset. +# +# THUS, if you want to try to run something via sudo, and what to use the +# root user, you'd just to try_sudo('something'). If you wanted to try_sudo as +# someone else, you'd just do try_sudo('something', :as => "bob"). If you +# always wanted sudo to run as a particular user, you could do +# set(:admin_runner, "bob"). +def try_sudo(*args) + options = args.last.is_a?(Hash) ? args.pop : {} + command = args.shift + raise ArgumentError, "too many arguments" if args.any? + + as = options.fetch(:as, fetch(:admin_runner, nil)) via = fetch(:run_method, :sudo) if command invoke_command(command, :via => via, :as => as) @@ -108,6 +122,14 @@ def try_sudo(command=nil) end end +# Same as sudo, but tries sudo with :as set to the value of the :runner +# variable (which defaults to "app"). +def try_runner(*args) + options = args.last.is_a?(Hash) ? args.pop : {} + args << options.merge(:as => fetch(:runner, "app")) + try_sudo(*args) +end + # ========================================================================= # These are the tasks that are available to help with deploying web apps, # and specifically, Rails applications. You can have cap give you a summary @@ -260,7 +282,7 @@ namespace :deploy do set :use_sudo, false DESC task :restart, :roles => :app, :except => { :no_release => true } do - try_sudo "#{current_path}/script/process/reaper" + try_runner "#{current_path}/script/process/reaper" end desc <<-DESC @@ -418,7 +440,7 @@ namespace :deploy do the :use_sudo variable to false. DESC task :start, :roles => :app do - run "cd #{current_path} && #{try_sudo} nohup script/spin" + run "cd #{current_path} && #{try_runner} nohup script/spin" end desc <<-DESC @@ -433,8 +455,8 @@ namespace :deploy do the :use_sudo variable to false. DESC task :stop, :roles => :app do - run "if [ -f #{current_path}/tmp/pids/dispatch.spawner.pid ]; then #{try_sudo} #{current_path}/script/process/reaper -a kill -r dispatch.spawner.pid; fi" - try_sudo "#{current_path}/script/process/reaper -a kill" + run "if [ -f #{current_path}/tmp/pids/dispatch.spawner.pid ]; then #{try_runner} #{current_path}/script/process/reaper -a kill -r dispatch.spawner.pid; fi" + try_runner "#{current_path}/script/process/reaper -a kill" end namespace :pending do lib/capistrano/recipes/deploy.rb 2ac1906a3ab0bda997ca3b028b9b20d222faf3fe Jamis Buck jamis@37signals.com http://github.com/jamis/capistrano/commit/41c0da75259f92632e22d12606350b837b286c39 41c0da75259f92632e22d12606350b837b286c39 2008-06-05T20:30:42-07:00 2008-06-05T20:30:42-07:00 Only use :runner for tasks that affect the application's execution. This includes deploy:start, deploy:stop, and deploy:restart. The other sudo-enabled tasks (deploy:cleanup and deploy:setup) will try sudo as the :admin_runner variable, allowing people to either leave that value unset (causing those tasks to try sudo as root), or to set it to some other value. 1081fb50bc7c5d35ba40b35731c725ed6225bec7 Jamis Buck jamis@37signals.com