Why "user" directive is not effective for master process?
mdounin at mdounin.ru
Thu Dec 16 06:26:55 MSK 2010
On Wed, Dec 15, 2010 at 09:12:53PM -0500, speedfirst wrote:
> When I set "user user1;" in config and use sudo to start nginx, all
> worker processes are owned by "user1", only master process are owned by
> "root". With these, I can't create a Linux account with proper
> permission setting for only nginx.
Master process needs root to (re)open listening sockets on
priveleged ports, upgrade binary and so on.
If you want master to be non-root you are free to start it as
normal user. Though you may need some OS tuning to allow it to bind
to privileged ports in this case (not sure if Linux will be able
to do this securely).
More information about the nginx