Changes between Version 83 and Version 84 of ServerIntro


Ignore:
Timestamp:
Apr 15, 2015, 10:59:09 AM (9 years ago)
Author:
davea
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ServerIntro

    v83 v84  
    99Some factors:
    1010
     11 * Your server must have a static IP address.
    1112 * Your Internet connection should have adequate performance and reliability.
    12    Your server must have a static IP address.
    13  * Your server should have good CPU speed(dual Xeon or Opteron),
    14    at least 2 GB of RAM, and at least 40 GB of free disk space.
    15    For a high-traffic project, use a machine with 8 GB of RAM or more,
    16    and 64-bit processors.
     13 * Your server should have 64-bit processors,
     14   at least 8 GB of RAM, and at least 40 GB of free disk space.
    1715 * Do whatever you can to make it highly reliable (UPS power supply,
    1816   RAID disk configuration, hot-swappable spares,
     
    4038  If you take this approach, skip the rest of this page.
    4139
    42  * Debian and Ubuntu offer the boinc-server-maker package to create
    43    BOINC project more easily on local or remote machines.
     40 * Debian and Ubuntu offer a "boinc-server-maker" package to create
     41   BOINC projects more easily on local or remote machines.
    4442   This ongoing effort, described on their
    4543   [http://wiki.debian.org/BOINC/ServerGuide Wiki] aims at full compatibility
     
    5250   we recommend using a recent Linux release.
    5351   Disable SELinux. General instructions are given below,
    54    followed by a [wiki:ServerIntro#CookbookforDebian6.0 cookbook for setting up a BOINC server on a Debian 6.0 system].
     52   followed by a [wiki:ServerIntro#CookbookforDebian6.0 cookbook
     53   for setting up a BOINC server on a Debian 6.0 system].
    5554
    5655== Installing the BOINC server on Unix == #general
    5756=== Groups and permissions === #permissions
     57
    5858BOINC server programs run as two different users:
    5959
    60  * The scheduler and file upload handler are CGI programs,
    61    so they run as the same user as the web server
     60 * The scheduler, file upload handler, and web software
     61   run under the web server account
    6262   (on Fedora this is user '`apache`'; on Debian it's '`www-data`').
    63  * BOINC daemons run as whoever created the project
    64    (let's say user '`boincadm`', group '`boinc`').
    65    '''Do not run BOINC daemons (or anything else) as root'''.
     63
     64 * Other programs run under a normal user account,
     65   called the "project owner".
     66
     67The project owner may be your existing account,
     68or you can create a new account for this purpose with '''useradd'''.
     69In the following we'll assume that the project owner
     70is '''boincadm''', with primary group '''boincadm'''.
     71
     72'''Do not use root as the project owner'''.
    6673
    6774By default, the directories created by user `apache` are not world-writable.
     
    7279
    7380To solve this problem, edit `/etc/group` so that `apache` belongs
    74 to group `boinc`, i.e. the line:
    75 
    76 {{{
    77 boinc:x:566:
    78 }}}
    79 becomes:
    80 
    81 {{{
    82 boinc:x:566:apache
    83 }}}
    84 (Apache will need to be stopped/restarted for this to take effect.)
     81to group `boincadm`, i.e. change the line
     82
     83{{{
     84boincadm:x:566:
     85}}}
     86to
     87
     88{{{
     89boincadm:x:566:apache
     90}}}
     91(the "566" is the group ID; it may be different on your system).
     92Apache will need to be stopped/restarted for this to take effect.
    8593
    8694Both `boincadm` and `apache` should have
    8795[http://en.wikipedia.org/wiki/Umask umasks]
    88 that allow group read and write. The place to set this depends on what distribution is used. Normaly you can use a umask of 0002 or 0007.
     96that allow group read and write.
     97The place to set this depends on what distribution is used.
     98Normally you can use a umask of 0002 or 0007.
    8999
    90100When you create a BOINC project using [wiki:MakeProject make_project],
    91101the critical directories are owned by `boincadm` and have the set-GID bit set;
    92102this means that any directories or files created by `apache`
    93 in those directories will have group `boinc` (not group `apache`).
     103in those directories will have group `boincadm` (not group `apache`).
    94104The BOINC software makes all directories group read/write.
    95 Thus, both `apache` and `boinc` will have read/write access
     105Thus, both `apache` and `boincadm` will have read/write access
    96106to all directories and files, but other users will have no access.
    97107