Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Update site

  • Loading branch information...
commit d9b96140d1913ba16014682eb90e4171964932ff 1 parent 948640e
@davidjb authored
View
10 blog/2013/04/setting-up-a-shibboleth-sp-with-fastcgi-support/index.html
@@ -87,8 +87,8 @@ <h1 class="entry-title">
<span class="na">socket_owner</span><span class="o">=</span><span class="s">shibd:shibd</span>
<span class="na">socket_mode</span><span class="o">=</span><span class="s">0660</span>
<span class="na">user</span><span class="o">=</span><span class="s">shibd</span>
-<span class="na">stdout_logfile</span><span class="o">=</span><span class="s">/var/log/supervisord/shibauthorizer.log</span>
-<span class="na">stderr_logfile</span><span class="o">=</span><span class="s">/var/log/supervisord/shibauthorizer.error.log</span>
+<span class="na">stdout_logfile</span><span class="o">=</span><span class="s">/var/log/supervisor/shibauthorizer.log</span>
+<span class="na">stderr_logfile</span><span class="o">=</span><span class="s">/var/log/supervisor/shibauthorizer.error.log</span>
<span class="k">[fcgi-program:shibresponder]</span>
<span class="na">command</span><span class="o">=</span><span class="s">/usr/lib64/shibboleth/shibresponder</span>
@@ -96,15 +96,15 @@ <h1 class="entry-title">
<span class="na">socket_owner</span><span class="o">=</span><span class="s">shibd:shibd</span>
<span class="na">socket_mode</span><span class="o">=</span><span class="s">0660</span>
<span class="na">user</span><span class="o">=</span><span class="s">shibd</span>
-<span class="na">stdout_logfile</span><span class="o">=</span><span class="s">/var/log/supervisord/shibresponder.log</span>
-<span class="na">stderr_logfile</span><span class="o">=</span><span class="s">/var/log/supervisord/shibresponder.error.log</span>
+<span class="na">stdout_logfile</span><span class="o">=</span><span class="s">/var/log/supervisor/shibresponder.log</span>
+<span class="na">stderr_logfile</span><span class="o">=</span><span class="s">/var/log/supervisor/shibresponder.error.log</span>
</pre>
</li>
<li><p class="first">Note the <tt class="docutils literal">socket_*</tt> options above. I went ahead and put the <tt class="docutils literal">nginx</tt>
user into the <tt class="docutils literal">shibd</tt> group to allow group access to the given&nbsp;sockets:</p>
<pre class="code console literal-block">
<span class="go">usermod -G shibd -a nginx
-service supervisor restart
+service supervisord restart
service nginx restart</span>
</pre>
<p>If you want, you could configure them to run on a <span class="caps">TCP</span> socket instead,
View
10 feeds/all-en.atom.xml
@@ -684,8 +684,8 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.error.log&lt;/span&gt;
&lt;span class="k"&gt;[fcgi-program:shibresponder]&lt;/span&gt;
&lt;span class="na"&gt;command&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/usr/lib64/shibboleth/shibresponder&lt;/span&gt;
@@ -693,15 +693,15 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.error.log&lt;/span&gt;
&lt;/pre&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p class="first"&gt;Note the &lt;tt class="docutils literal"&gt;socket_*&lt;/tt&gt; options above. I went ahead and put the &lt;tt class="docutils literal"&gt;nginx&lt;/tt&gt;
user into the &lt;tt class="docutils literal"&gt;shibd&lt;/tt&gt; group to allow group access to the given&amp;nbsp;sockets:&lt;/p&gt;
&lt;pre class="code console literal-block"&gt;
&lt;span class="go"&gt;usermod -G shibd -a nginx
-service supervisor restart
+service supervisord restart
service nginx restart&lt;/span&gt;
&lt;/pre&gt;
&lt;p&gt;If you want, you could configure them to run on a &lt;span class="caps"&gt;TCP&lt;/span&gt; socket instead,
View
10 feeds/all.atom.xml
@@ -684,8 +684,8 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.error.log&lt;/span&gt;
&lt;span class="k"&gt;[fcgi-program:shibresponder]&lt;/span&gt;
&lt;span class="na"&gt;command&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/usr/lib64/shibboleth/shibresponder&lt;/span&gt;
@@ -693,15 +693,15 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.error.log&lt;/span&gt;
&lt;/pre&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p class="first"&gt;Note the &lt;tt class="docutils literal"&gt;socket_*&lt;/tt&gt; options above. I went ahead and put the &lt;tt class="docutils literal"&gt;nginx&lt;/tt&gt;
user into the &lt;tt class="docutils literal"&gt;shibd&lt;/tt&gt; group to allow group access to the given&amp;nbsp;sockets:&lt;/p&gt;
&lt;pre class="code console literal-block"&gt;
&lt;span class="go"&gt;usermod -G shibd -a nginx
-service supervisor restart
+service supervisord restart
service nginx restart&lt;/span&gt;
&lt;/pre&gt;
&lt;p&gt;If you want, you could configure them to run on a &lt;span class="caps"&gt;TCP&lt;/span&gt; socket instead,
View
10 feeds/web.atom.xml
@@ -540,8 +540,8 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibauthorizer.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibauthorizer.error.log&lt;/span&gt;
&lt;span class="k"&gt;[fcgi-program:shibresponder]&lt;/span&gt;
&lt;span class="na"&gt;command&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/usr/lib64/shibboleth/shibresponder&lt;/span&gt;
@@ -549,15 +549,15 @@ running. My Supervisor configuration looks like&amp;nbsp;this:&lt;/p&gt;
&lt;span class="na"&gt;socket_owner&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd:shibd&lt;/span&gt;
&lt;span class="na"&gt;socket_mode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;0660&lt;/span&gt;
&lt;span class="na"&gt;user&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;shibd&lt;/span&gt;
-&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.log&lt;/span&gt;
-&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisord/shibresponder.error.log&lt;/span&gt;
+&lt;span class="na"&gt;stdout_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.log&lt;/span&gt;
+&lt;span class="na"&gt;stderr_logfile&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="s"&gt;/var/log/supervisor/shibresponder.error.log&lt;/span&gt;
&lt;/pre&gt;
&lt;/li&gt;
&lt;li&gt;&lt;p class="first"&gt;Note the &lt;tt class="docutils literal"&gt;socket_*&lt;/tt&gt; options above. I went ahead and put the &lt;tt class="docutils literal"&gt;nginx&lt;/tt&gt;
user into the &lt;tt class="docutils literal"&gt;shibd&lt;/tt&gt; group to allow group access to the given&amp;nbsp;sockets:&lt;/p&gt;
&lt;pre class="code console literal-block"&gt;
&lt;span class="go"&gt;usermod -G shibd -a nginx
-service supervisor restart
+service supervisord restart
service nginx restart&lt;/span&gt;
&lt;/pre&gt;
&lt;p&gt;If you want, you could configure them to run on a &lt;span class="caps"&gt;TCP&lt;/span&gt; socket instead,
Please sign in to comment.
Something went wrong with that request. Please try again.