Starting supervisord as root or not?

Supervisord switches to UNIX user account before any processing.

You need to specify what kind of user account it should use, run the daemon as root but specify user in the config file

Example:

[program:myprogram]command=gunicorn --worker-class socketio.sgunicorn.GeventSocketIOWorker app.wsgi:application -b 127.0.0.1:8000directory=/opt/myprogramuser=user1autostart=trueautorestart=trueredirect_stderr=True

Visit http://supervisord.org/configuration.html#program-x-section-values for more information

When you start supervisor as root, you need to specify a user for supervisor to drop to for security reasons

From the supervisor docs (http://supervisord.org/configuration.html):

userIf supervisord is run as the root user, switch users to this UNIX user account before doing any meaningful processing. This value has no effect if supervisord is not run as root.

Put this in your conf file:

[supervisord]user=nobody

The user should be a user which exists, but does not have sudo permissions (nobody can work).

For me, I received this error while running as a non-root user:

Error: Cannot open an HTTP server: socket.error reported errno.EACCES (13)

This went away after I chowned the directory holding the sock file to that user.

In your case:

[unix_http_server]file = /opt/run/supervisord.sock

Either chown username /opt/run/, or point the file to another directory that is owned by the user.

I learned this approach from this link.

Additionally, my sysadmins installed an init.d script I wrote. The init.d script is run as root, but the script can get supervisord to start on myuser with this command:

SUPERVISORD=/path/to/supervisordPIDFILE=/path/to/supervisord.pidOPTIONS='-c /path/to/supervisord.conf'daemon --pidfile=$PIDFILE --user=myuser $SUPERVISORD $OPTIONS