Run on shiny server with no root access

statquant · June 16, 2018, 8:30am

Hello Rstudio community.
I developed a shiny app at work (linux centos7 environement with no root)

What I want to do is the following: I want to be able to specify the hostname and port and run the app so everyone can access it over their browser. This app should be run under my user and I was planning to start/stop it by crontab-ing it.

After looking for a while I have found no way to be able to start/stop/run a shiny server as my own user without the need of impersonate root.
As this is very easy to do in dash I was wondering if this could be done in shiny

ginberg · June 16, 2018, 6:51pm

you can pass a port and host argument to runApp
or set the properties shiny.port and shiny.host somewhere in your app if not using runApp directly

statquant · June 17, 2018, 1:49pm

Hello @ginberg do I understand correctly that you are saying that I can an app locally and specify the host and port where it will be accessible and that people will just be able to see it?
So I do not need shiny server at all?

ginberg · June 17, 2018, 7:19pm

hi @statquant, that is an option, not sure if it's the best option for your though. For example you need to be sure that your people can access your computer/port (firewall?) which might be easier when using shiny server.

statquant · June 17, 2018, 8:02pm

It is internal to my company, there is firewall issue at all. I thought I was stuck with shiny server and creating a shiny user etc.. That's great news I'll give it a go

cole · June 19, 2018, 3:25am

You can definitely handle the availability of an application, the port it listens on, etc. through runApp. The pieces of the pie that you will be missing and that shiny server handles for you are (not an exhaustive list):

starting up / tearing down an R process when requested / no longer needed
hosting multiple applications
handling restarting the app if / when the R process crashes

Obviously, in some cases, it is easier to just use runApp to make the app available. In other cases, if you decide you need Shiny Server, the following outlines situations where you need root. In the absence of this situation, you should be able to run Shiny Server without root privileges (as any user you like).

Aside from spawning R Shiny processes as particular users, the shiny-server process itself can be configured to run as different users to control its privileges. There are many scenarios in which Shiny Server would need to be run as root:

If user_apps or user_dirs is enabled for any location. In order to host applications as various users, Shiny Server must have root privileges.

If your configuration uses run_as to spawn applications as multiple different users.

If you're running any server on a privileged port (a port in the range of 1-1024).

If you're using auth_pam to leverage PAM authentication. (Pro only)

If you're using auth_google and store your client secret in a file. (Pro only)

If you specify a value for metrics_user (Pro only)