
Why use user nobody nogroup in upstart services or daemon services


I am experiencing a problem with a gunicorn service: after stopping it, I find requests are successfully serviced, and doing a ps aux | grep python confirms the service is still running.

I searched around and found that many scripts are using user nobody nogroup.

In my case I had set the gunicorn script to use the daemon user.

So my question is: when should you use the user nobody as opposed to, say, the daemon user?

Thanks for your assistance and time.


Solution

  • The 'nobody' user that's running the daemon has zero privileges on the machine. It's usually reserved for untrusted daemons like httpd, etc.

    https://wiki.ubuntu.com/nobody

    It's really just a convention for a user that has minimal permissions on the system so that if you get hacked, there is less potential for damage. This may or may not be the case (lots of root escalations happen with the nobody user), but it's good best practice anyway.
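
What running a root-started daemon as nobody amounts to at the system-call level, as an added example that is not part of the original answer or of gunicorn's code. The helper names `drop_privileges` and `check_drop` are hypothetical, and the example assumes the group to use is the account's primary group (nogroup for nobody on Debian and Ubuntu).

```python
import os
import pwd


def drop_privileges(user="nobody"):
    """Permanently switch a root-started process to `user` and its primary group."""
    if os.geteuid() != 0:
        raise PermissionError("only root can switch to another user")
    entry = pwd.getpwnam(user)
    os.setgroups([])           # 1. shed root's supplementary groups
    os.setgid(entry.pw_gid)    # 2. group before user: not permitted after setuid
    os.setuid(entry.pw_uid)    # 3. as root this sets real, effective and saved uid
    os.umask(0o077)            # files created from now on are private to the account
    try:
        os.setuid(0)           # must fail now, otherwise the drop can be undone
    except PermissionError:
        return os.getuid(), os.getgid()
    raise RuntimeError("privilege drop is reversible")


def check_drop(user="nobody"):
    """Run drop_privileges() in a forked child so the caller keeps its identity.

    Returns "irreversible", "reversible", "not-root" or "unsupported"
    (account missing, or a sandbox that forbids setgroups/setuid).
    """
    if os.geteuid() != 0:
        return "not-root"
    pid = os.fork()
    if pid == 0:  # child: the exit status reports the outcome to the parent
        try:
            drop_privileges(user)
            os._exit(0)
        except RuntimeError:
            os._exit(1)
        except BaseException:
            os._exit(2)
    _, status = os.waitpid(pid, 0)
    code = os.WEXITSTATUS(status) if os.WIFEXITED(status) else -1
    return {0: "irreversible", 1: "reversible"}.get(code, "unsupported")


if __name__ == "__main__":
    print(check_drop())
```

The order matters: once `setuid` has succeeded the process is no longer allowed to change its groups, so a daemon that calls `setuid` first keeps root's group memberships.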