Hello, Short version: what files and dirs need to be owned by the user mongrel is running as, for my rails app to work? I''ve set up a mongrel cluster to serve my rails app. At first, I loaded up the mongrels using launchd (it''s running on a mac), and the example plist-file I found for /Library/LaunchDaemons didn''t set UserName, so the mongrels ran as root. Everything worked fine, but I felt that they should run as _www or some other non-privileged user. At first, I couldn''t start the cluster, but that was because _www couldn''t write to tmp/pids/, so I chown:ed that dir. Now the cluster started up, but I couldn''t modify the database (I could read it though). This was a test app still on sqlite3, so I figured I''d better chown the db/*sqlite3 files as well. That didn''t fix the problem though (is sqlite3 creating some sort of lock file or something?). I realized _www needs to write to log/* also, and in order to fix the sqlite3-problem I resorted to chown -R the entire rails app. It works fine now, but I feel like I defeated some of the purpose of running mongrel as a non-privileged user. It now has write privileges on stuff it should never modify. Ideally, I''d like to give _www privileges to only the files and dirs it needs to modify. Can someone here give me a few pointers? log/ tmp/ db/*sqlite3 what else? - Martin --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---