Skip to content
Permalink
Browse files

Add a warning that tmp cleaners may delete socket file.

References #1105
References #1238
  • Loading branch information...
mnaberez committed Jun 11, 2019
1 parent 9ce7314 commit bfa2e7065a01fc40ef51b5839bf966a5d5cb2077
Showing with 28 additions and 13 deletions.
  1. +14 −6 docs/configuration.rst
  2. +14 −7 supervisor/skel/sample.conf
@@ -73,19 +73,27 @@ configuration values are as follows.

``file``

A path to a UNIX domain socket (e.g. :file:`/tmp/supervisord.sock`)
on which supervisor will listen for HTTP/XML-RPC requests.
:program:`supervisorctl` uses XML-RPC to communicate with
:program:`supervisord` over this port. This option can include the
value ``%(here)s``, which expands to the directory in which the
:program:`supervisord` configuration file was found.
A path to a UNIX domain socket on which supervisor will listen for
HTTP/XML-RPC requests. :program:`supervisorctl` uses XML-RPC to
communicate with :program:`supervisord` over this port. This option
can include the value ``%(here)s``, which expands to the directory
in which the :program:`supervisord` configuration file was found.

*Default*: None.

*Required*: No.

*Introduced*: 3.0

.. warning::

The example configuration output by :program:`echo_supervisord_conf` uses
``/tmp/supervisord.sock`` as the socket file. That path is an example only
and will likely need to be changed to a location more appropriate for your
system. Some systems periodically delete older files in ``/tmp``. If the
socket file is deleted, :program:`supervisorctl` will be unable to
connect to :program:`supervisord`.

``chmod``

Change the UNIX permission mode bits of the UNIX domain socket to
@@ -12,6 +12,20 @@
; - Command will be truncated if it looks like a config file comment, e.g.
; "command=bash -c 'foo ; bar'" will truncate to "command=bash -c 'foo ".
;
; Warning:
; Paths throughout this example file use /tmp because it is available on most
; systems. You will likely need to change these to locations more appropriate
; for your system. Some systems periodically delete older files in /tmp.
; Notably, if the socket file defined in the [unix_http_server] section below
; is deleted, supervisorctl will be unable to connect to supervisord.

[unix_http_server]
file=/tmp/supervisor.sock ; the path to the socket file
;chmod=0700 ; socket file mode (default 0700)
;chown=nobody:nogroup ; socket file uid:gid owner
;username=user ; default is no username (open server)
;password=123 ; default is no password (open server)

; Security Warning:
; The inet HTTP server is not enabled by default. The inet HTTP server is
; enabled by uncommenting the [inet_http_server] section below. The inet
@@ -22,13 +36,6 @@
; by default (see the username= and password= options to add authentication).
; Never expose the inet HTTP server to the public internet.

[unix_http_server]
file=/tmp/supervisor.sock ; the path to the socket file
;chmod=0700 ; socket file mode (default 0700)
;chown=nobody:nogroup ; socket file uid:gid owner
;username=user ; default is no username (open server)
;password=123 ; default is no password (open server)

;[inet_http_server] ; inet (TCP) server disabled by default
;port=127.0.0.1:9001 ; ip_address:port specifier, *:port for all iface
;username=user ; default is no username (open server)

0 comments on commit bfa2e70

Please sign in to comment.
You can’t perform that action at this time.