Deployer: Deploying under different (root) user

Created on 18 Aug 2016  路  10Comments  路  Source: deployphp/deployer

| Q | A |
| --- | --- |
| Issue Type | Question |
| Deployer Version | N/A |
| Local Machine OS | N/A |
| Remote Machine OS | N/A |

On production server I have user "produser" and it is in sudoers. Webapp directory is /www/application and owner of it is root (root:root). When I try to deploy there I got permission problem (cant create directories etc).
Is there any possibility to switch user before deploy? I cannot change permissions of application dir and I can not get root password

picture JSpock

All 10 comments

I think with your case, you should deploy to other directory and make a symlink point to it.

oanhnn picture oanhnn on 19 Aug 2016

Use server(...)->user('root')

antonmedv picture antonmedv on 19 Aug 2016

Use server(...)->user('root')

I can't because I dont have root user password. Yes, it is kinda tricky situation and I cant figure out how to get deployer work for it. Another way is to rewrite common recipe and add sudo before every command (maybe it could be feature?)

JSpock picture JSpock on 19 Aug 2016

@JSpock
Can you try with deploy_path different /www/application :smile: 

task('deploy:link', function () {
    run("cd /www/application && sudo ln -sfn {{current}} current");
});
after('deploy:symlink', 'deploy:link');
oanhnn picture oanhnn on 19 Aug 2016

@oanhnn That was my first idea too, but unfortunately, it is not an option. Files must also be root:root. So main question is, how it is possible to switch user before deploy on remote machine

JSpock picture JSpock on 19 Aug 2016
👍1

I face the same/similar problem:

  • Login to our server as root
  • Deployment as www-data

So first step after login to server has to be to change user.

My first idea was to rewrite deploy:prepare and add command to change user after login:

/**
 * Preparing server for deployment.
 */
task('deploy:prepare', function () {
    \Deployer\Task\Context::get()->getServer()->connect();

/**
 * Preparing server for deployment.
 */
task('deploy:prepare', function () {
    \Deployer\Task\Context::get()->getServer()->connect();
    run('sudo su www-data');

Ref: recipe/common.php:104

kkrieger85 picture kkrieger85 on 12 Oct 2016

Please, use sudo for switching users.

antonmedv picture antonmedv on 12 Oct 2016

That's not the solution.

Have a look at: https://github.com/deployphp/deployer/blob/master/recipe/common.php#L104

There is no chance to switch user there between login to server and creating deploy_path

kkrieger85 picture kkrieger85 on 12 Oct 2016
👍1

To fix rights I use 

task('fix-rights', function () {
    $httpUser = get('http_user');

    if (null === $httpUser) {
        $httpUser = run("ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1")->toString();
    }
    #runs as root
    run('chown -R ' . $httpUser . ':' . $httpUser . ' {{deploy_path}}');
});

after('cleanup', 'fix-rights');
after('rollback', 'fix-rights');

Updates: Smarter httpUser, fixRights after rollback, too

kkrieger85 picture kkrieger85 on 12 Oct 2016

What's good solution.

antonmedv picture antonmedv on 12 Oct 2016
😕2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

dima-stefantsov picture dima-stefantsov  路  5Comments
minkbear picture minkbear  路  4Comments
krve picture krve  路  4Comments
sweebee picture sweebee  路  3Comments
k-solnushkin picture k-solnushkin  路  5Comments