DOCSLIB.ORG

Shiny Server Administrator's Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Shiny Server Administrator's Guide Shiny Server Administrator’s Guide Shiny Server Professional v1.5.5 Copyright © 2017 RStudio, Inc. Contents 1 Getting Started 8 1.1 Introduction.........................................8 1.2 System Requirements...................................9 1.3 Installation.........................................9 1.3.1 Ubuntu (12.04+)..................................9 1.3.2 RedHat/CentOS (5.4+).............................. 10 1.3.3 SUSE Linux Enterprise Server (11+)....................... 11 1.3.4 Install Shiny.................................... 12 1.3.5 R Installation Location.............................. 13 1.4 Stopping and Starting................................... 14 1.4.1 systemd (RedHat 7, Ubuntu 15.04+, SLES 12+)................ 14 1.4.2 Upstart (Ubuntu 12.04 through 14.10, RedHat 6)................ 15 1.4.3 init.d (RedHat 5, SLES 11)............................ 16 2 Server Management 17 2.1 Default Configuration................................... 17 2.2 Server Hierarchy...................................... 18 2.2.1 Server........................................ 18 2.2.2 Location....................................... 19 2.2.3 Application..................................... 20 2.3 run_as ............................................ 20 2.3.1 :HOME_USER: .................................... 21 2.3.2 Running Shiny Server with Root Privileges................... 22 2.3.3 :AUTH_USER: .................................... 23 2.4 PAM Sessions........................................ 25 2.4.1 Session Profile................................... 25 1 CONTENTS 2 2.5 r_path ............................................ 26 2.6 Local App Configurations................................. 27 2.7 Hosting Model....................................... 27 2.7.1 Host a Directory of Applications......................... 27 2.7.2 Host a Single Application............................. 28 2.7.3 Host Per-User Application Directories...................... 28 2.8 Redirecting......................................... 29 2.9 Virtual Hosts........................................ 30 2.10 Custom Templates..................................... 31 2.11 Set Custom Headers.................................... 33 2.12 Server Log.......................................... 33 2.12.1 Access Logs..................................... 33 2.13 Environment Variable Settings.............................. 34 2.13.1 SHINY_LOG_LEVEL ................................. 35 2.13.2 R ........................................... 36 2.13.3 SHINY_DATA_DIR .................................. 36 3 Deploying Applications 37 3.1 Schedulers & Application Restarts............................ 37 3.1.1 Restarting an Application............................. 37 3.1.2 Simple Scheduler.................................. 38 3.1.3 Utilization Scheduler................................ 38 3.2 R Markdown........................................ 39 3.3 Application Timeouts................................... 39 3.4 Session Timeouts...................................... 40 3.5 Logging and Analytics................................... 40 3.5.1 Application Error Logs.............................. 40 3.5.2 Log File Permissions................................ 41 3.5.3 Google Analytics.................................. 41 3.6 Program Supervisors.................................... 42 3.7 Reactivity Log....................................... 42 3.8 Specifying Protocols.................................... 43 3.8.1 Disabling WebSockets on the Server....................... 43 CONTENTS 3 4 Authentication & Security 45 4.1 Authentication Overview.................................. 45 4.2 Auth Duration....................................... 46 4.3 Flat-File Authentication.................................. 46 4.3.1 sspasswd...................................... 46 4.4 Google Authentication................................... 47 4.4.1 Create a Google Application........................... 47 4.4.2 Configure Shiny Server............................... 48 4.4.3 Securing the Client Secret............................. 49 4.4.4 Email Address Restrictions............................ 49 4.5 PAM Authentication.................................... 51 4.5.1 PAM Basics..................................... 51 4.5.2 Default PAM Configuration............................ 51 4.5.3 PAM and Kerberos................................. 52 4.6 LDAP and Active Directory................................ 53 4.6.1 base_bind ..................................... 54 4.6.2 Securing the LDAP password........................... 55 4.6.3 user_bind_template ............................... 55 4.6.4 group_search_base ................................ 56 4.6.5 group_filter ................................... 56 4.6.6 group_name_attribute .............................. 56 4.6.7 trusted_ca ..................................... 57 4.6.8 check_ssl_ca ................................... 57 4.6.9 user_filter .................................... 57 4.6.10 user_search_base ................................. 58 4.7 Proxied Authentication.................................. 58 4.8 Required Users & Groups................................. 59 4.8.1 User Authentication................................ 59 4.8.2 Group Authentication............................... 59 4.9 SSL............................................. 60 4.10 Proxied Headers...................................... 61 4.11 Clickjacking Protection.................................. 61 CONTENTS 4 5 Monitoring the Server 63 5.1 Admin............................................ 63 5.1.1 Configuration.................................... 63 5.1.2 Organization.................................... 63 5.1.3 Killing Processes and Connections........................ 65 5.2 Graphite........................................... 65 5.3 Health Check Endpoint.................................. 65 5.3.1 Customizing Responses.............................. 66 5.3.2 Providing Multiple Health-Check Endpoints................... 67 6 Licensing & Activation 68 6.1 Product Activation..................................... 68 6.1.1 Activation Basics.................................. 68 6.1.2 Floating License.................................. 68 6.2 Connectivity Requirements................................ 69 6.2.1 Proxy Servers.................................... 69 6.2.2 Offline Activation.................................. 69 7 Appendix 71 7.1 Quick Start......................................... 71 7.1.1 Host a directory of applications.......................... 72 7.1.2 Let users manage their own applications..................... 72 7.1.3 Run Shiny Server on multiple ports....................... 73 7.1.4 Require user authentication on an application.................. 74 7.1.5 Host a secure Shiny Server............................ 75 7.1.6 Host an Application Supported by Multiple R Processes............ 76 7.2 Configuration Settings................................... 77 7.2.1 run_as....................................... 78 7.2.2 access_log...................................... 78 7.2.3 server........................................ 78 7.2.4 listen........................................ 79 7.2.5 server_name.................................... 79 7.2.6 location....................................... 79 7.2.7 site_dir....................................... 80 CONTENTS 5 7.2.8 directory_index.................................. 80 7.2.9 user_apps...................................... 80 7.2.10 user_dirs...................................... 80 7.2.11 app_dir....................................... 81 7.2.12 redirect....................................... 81 7.2.13 log_dir....................................... 81 7.2.14 log_file_mode................................... 81 7.2.15 members_of.................................... 82 7.2.16 required_group................................... 82 7.2.17 required_user.................................... 82 7.2.18 auth_passwd_file................................. 82 7.2.19 auth_proxy..................................... 83 7.2.20 auth_duration................................... 83 7.2.21 google_analytics_id................................ 83 7.2.22 app_init_timeout................................. 84 7.2.23 app_idle_timeout................................. 84 7.2.24 app_session_timeout............................... 84 7.2.25 http_keepalive_timeout.............................. 84 7.2.26 sockjs_heartbeat_delay.............................. 85 7.2.27 sockjs_disconnect_delay............................. 85 7.2.28 simple_scheduler.................................. 85 7.2.29 utilization_scheduler................................ 85 7.2.30 ssl.......................................... 86 7.2.31 allow_app_override................................ 86 7.2.32 admin........................................ 86 7.2.33 whitelist_headers.................................. 87 7.2.34 auth_google.................................... 87 7.2.35 auth_pam...................................... 87 7.2.36 auth_ldap...................................... 88 7.2.37 auth_active_dir.................................. 88 7.2.38 ldap_timeout.................................... 89 7.2.39 base_bind...................................... 89 7.2.40 user_bind_template................................ 90 7.2.41 trusted_ca..................................... 90 CONTENTS 6 7.2.42 check_ssl_ca.................................... 91 7.2.43 user_filter...................................... 91 7.2.44 user_search_base................................. 92 7.2.45 group_search_base...............................
Load more

Recommended publications
  • Libffi This Manual Is for Libffi, a Portable Foreign-Function Interface Library
    Libffi This manual is for Libffi, a portable foreign-function interface library. Copyright c 2008, 2010, 2011 Red Hat, Inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. A copy of the license is included in the section entitled \GNU General Public License". Chapter 2: Using libffi 1 1 What is libffi? Compilers for high level languages generate code that follow certain conventions. These conventions are necessary, in part, for separate compilation to work. One such convention is the calling convention. The calling convention is a set of assumptions made by the compiler about where function arguments will be found on entry to a function. A calling convention also specifies where the return value for a function is found. The calling convention isalso sometimes called the ABI or Application Binary Interface. Some programs may not know at the time of compilation what arguments are to be passed to a function. For instance, an interpreter may be told at run-time about the number and types of arguments used to call a given function. `Libffi' can be used in such programs to provide a bridge from the interpreter program to compiled code. The `libffi' library provides a portable, high level programming interface to various calling conventions. This allows a programmer to call any function specified by a call interface description at run time. FFI stands for Foreign Function Interface. A foreign function interface is the popular name for the interface that allows code written in one language to call code written in another language.
    [Show full text]
  • Dell Wyse Management Suite Version 2.1 Third Party Licenses
    Dell Wyse Management Suite Version 2.1 Third Party Licenses October 2020 Rev. A01 Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners. Contents Chapter 1: Third party licenses...................................................................................................... 4 Contents 3 1 Third party licenses The table provides the details about third party licenses for Wyse Management Suite 2.1. Table 1. Third party licenses Component name License type jdk1.8.0_112 Oracle Binary Code License jre11.0.5 Oracle Binary Code License bootstrap-2.3.2 Apache License, Version 2.0 backbone-1.3.3 MIT MIT aopalliance-1.0.jar Public Domain aspectjweaver-1.7.2.jar Eclipse Public licenses- v 1.0 bcprov-jdk16-1.46.jar MIT commons-codec-1.9.jar Apache License, Version 2.0 commons-logging-1.1.1.jar Apache License, Version 2.0 hamcrest-core-1.3.jar BSD-3 Clause jackson-annotations.2.10.2.jar Apache License, Version 2.0 The Apache Software License, Version 2.0 jackson-core.2.10.2.jar Apache License, Version 2.0 The Apache Software License, Version 2.0 jackson-databind.2.10.2.jar Apache License, Version 2.0 The Apache Software License, Version 2.0 log4j-1.2.17.jar Apache License, Version 2.0 mosquitto-3.1 Eclipse Public licenses- v 1.0 Gradle Wrapper 2.14 Apache 2.0 License Gradle Wrapper 3.3 Apache 2.0 License HockeySDK-Ios3.7.0 MIT Relayrides / pushy - v0.9.3 MIT zlib-1.2.8 zlib license yaml-cpp-0.5.1 MIT libssl.dll (1.1.1c) Open SSL License 4 Third party licenses Table 1.
    [Show full text]
  • CFFI Documentation Release 0.8.6
    CFFI Documentation Release 0.8.6 Armin Rigo, Maciej Fijalkowski May 19, 2015 Contents 1 Installation and Status 3 1.1 Platform-specific instructions......................................4 2 Examples 5 2.1 Simple example (ABI level).......................................5 2.2 Real example (API level).........................................5 2.3 Struct/Array Example..........................................6 2.4 What actually happened?.........................................6 3 Distributing modules using CFFI7 3.1 Cleaning up the __pycache__ directory.................................7 4 Reference 9 4.1 Declaring types and functions......................................9 4.2 Loading libraries............................................. 10 4.3 The verification step........................................... 10 4.4 Working with pointers, structures and arrays.............................. 12 4.5 Python 3 support............................................. 14 4.6 An example of calling a main-like thing................................. 15 4.7 Function calls............................................... 15 4.8 Variadic function calls.......................................... 16 4.9 Callbacks................................................. 17 4.10 Misc methods on ffi........................................... 18 4.11 Unimplemented features......................................... 20 4.12 Debugging dlopen’ed C libraries..................................... 20 4.13 Reference: conversions.......................................... 21 4.14 Reference:
    [Show full text]
  • Compiler Fuzzing: How Much Does It Matter?
    Compiler Fuzzing: How Much Does It Matter? MICHAËL MARCOZZI∗, QIYI TANG∗, ALASTAIR F. DONALDSON, and CRISTIAN CADAR, Imperial College London, United Kingdom Despite much recent interest in randomised testing (fuzzing) of compilers, the practical impact of fuzzer-found compiler bugs on real-world applications has barely been assessed. We present the first quantitative and qualitative study of the tangible impact of miscompilation bugs in a mature compiler. We follow a rigorous methodology where the bug impact over the compiled application is evaluated based on (1) whether the bug appears to trigger during compilation; (2) the extent to which generated assembly code changes syntactically due to triggering of the bug; and (3) whether such changes cause regression test suite failures, or whether we can manually find application inputs that trigger execution divergence due to such changes. Thestudy is conducted with respect to the compilation of more than 10 million lines of C/C++ code from 309 Debian 155 packages, using 12% of the historical and now fixed miscompilation bugs found by four state-of-the-art fuzzers in the Clang/LLVM compiler, as well as 18 bugs found by human users compiling real code or as a by-product of formal verification efforts. The results show that almost half of the fuzzer-found bugs propagate tothe generated binaries for at least one package, in which case only a very small part of the binary is typically affected, yet causing two failures when running the test suites of all the impacted packages. User-reported and formal verification bugs do not exhibit a higher impact, with a lower rate of triggered bugs andonetest failure.
    [Show full text]
  • VSI's Open Source Strategy
    VSI's Open Source Strategy Plans and schemes for Open Source so9ware on OpenVMS Bre% Cameron / Camiel Vanderhoeven April 2016 AGENDA • Programming languages • Cloud • Integraon technologies • UNIX compability • Databases • Analy;cs • Web • Add-ons • Libraries/u;li;es • Other consideraons • SoDware development • Summary/conclusions tools • Quesons Programming languages • Scrip;ng languages – Lua – Perl (probably in reasonable shape) – Tcl – Python – Ruby – PHP – JavaScript (Node.js and friends) – Also need to consider tools and packages commonly used with these languages • Interpreted languages – Scala (JVM) – Clojure (JVM) – Erlang (poten;ally a good fit with OpenVMS; can get good support from ESL) – All the above are seeing increased adop;on 3 Programming languages • Compiled languages – Go (seeing rapid adop;on) – Rust (relavely new) – Apple Swi • Prerequisites (not all are required in all cases) – LLVM backend – Tweaks to OpenVMS C and C++ compilers – Support for latest language standards (C++) – Support for some GNU C/C++ extensions – Updates to OpenVMS C RTL and threads library 4 Programming languages 1. JavaScript 2. Java 3. PHP 4. Python 5. C# 6. C++ 7. Ruby 8. CSS 9. C 10. Objective-C 11. Perl 12. Shell 13. R 14. Scala 15. Go 16. Haskell 17. Matlab 18. Swift 19. Clojure 20. Groovy 21. Visual Basic 5 See h%p://redmonk.com/sogrady/2015/07/01/language-rankings-6-15/ Programming languages Growing programming languages, June 2015 Steve O’Grady published another edi;on of his great popularity study on programming languages: RedMonk Programming Language Rankings: June 2015. As usual, it is a very valuable piece. There are many take-away from this research.
    [Show full text]
  • Structured Foreign Types
    Ftypes: Structured foreign types Andrew W. Keep R. Kent Dybvig Indiana University fakeep,[email protected] Abstract When accessing scalar elements within an ftype, the value of the High-level programming languages, like Scheme, typically repre- scalar is automatically marshaled into the equivalent Scheme rep- sent data in ways that differ from the host platform to support resentation. When setting scalar elements, the Scheme value is consistent behavior across platforms and automatic storage man- checked to ensure compatibility with the specified foreign type, and agement, i.e., garbage collection. While crucial to the program- then marshaled into the equivalent foreign representation. Ftypes ming model, differences in data representation can complicate in- are well integrated into the system, with compiler support for ef- teraction with foreign programs and libraries that employ machine- ficient access to foreign data and debugger support for convenient dependent data structures that do not readily support garbage col- inspection of foreign data. lection. To bridge this gap, many high-level languages feature for- The ftype syntax is convenient and flexible. While it is similar in eign function interfaces that include some ability to interact with some ways to foreign data declarations in other Scheme implemen- foreign data, though they often do not provide complete control tations, and language design is largely a matter of taste, we believe over the structure of foreign data, are not always fully integrated our syntax is cleaner and more intuitive than most. Our system also into the language and run-time system, and are often not as effi- has a more complete set of features, covering all C data types along cient as possible.
    [Show full text]
  • Overview Guide Release 21B F45060-01
    Oracle Utilities Customer Care and Billing Cloud Service Overview Guide Release 21B F45060-01 August 2021 Oracle Utilities Customer Care and Billing Cloud Service Release 21B Overview Guide Copyright © 2012, 2021 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer software" or "commercial computer software documentation"
    [Show full text]
  • An In-Memory Embedding of Cpython for Offensive Use
    An In-memory Embedding of CPython for Offensive Use Ateeq Sharfuddin, Brian Chapman, Chris Balles SCYTHE fateeq, brian, [email protected] Abstract—We offer an embedding of CPython that runs using packagers like Py2Exe [6] or PyInstaller [4]. These entirely in memory without “touching” the disk. This in-memory malware are easy to construct and are executed when a coerced embedding can load Python scripts directly from memory instead end-user double-clicks and runs the packaged executable file these scripts having to be loaded from files on disk. Malware that resides only in memory is harder to detect or mitigate against. from disk. Security products have collected and analyzed We intend for our work to be used by security researchers to numerous sample executable files of this scheme. As a result, rapidly develop and deploy offensive techniques that is difficult security products have produced signatures for this scheme and for security products to analyze given these instructions are are able to successfully block all malware using this scheme. in bytecode and only translated to machine-code by the inter- In this paper, we contribute the first embedding of CPython preter immediately prior to execution. Our work helps security researchers and enterprise Red Teams who play offense. Red interpreter that runs entirely in memory without “touching” Teams want to rapidly prototype malware for their periodic the disk. We also contribute a scheme to support loading campaigns and do not want their malware to be detected by the and running Python modules including native C extensions, Incident Response (IR) teams prior to accomplishing objectives.
    [Show full text]
  • Foreign Library Interface by Daniel Adler Dia Applications That Can Run on a Multitude of Plat- Forms
    30 CONTRIBUTED RESEARCH ARTICLES Foreign Library Interface by Daniel Adler dia applications that can run on a multitude of plat- forms. Abstract We present an improved Foreign Function Interface (FFI) for R to call arbitary na- tive functions without the need for C wrapper Foreign function interfaces code. Further we discuss a dynamic linkage framework for binding standard C libraries to FFIs provide the backbone of a language to inter- R across platforms using a universal type infor- face with foreign code. Depending on the design of mation format. The package rdyncall comprises this service, it can largely unburden developers from the framework and an initial repository of cross- writing additional wrapper code. In this section, we platform bindings for standard libraries such as compare the built-in R FFI with that provided by (legacy and modern) OpenGL, the family of SDL rdyncall. We use a simple example that sketches the libraries and Expat. The package enables system- different work flow paths for making an R binding to level programming using the R language; sam- a function from a foreign C library. ple applications are given in the article. We out- line the underlying automation tool-chain that extracts cross-platform bindings from C headers, FFI of base R making the repository extendable and open for Suppose that we wish to invoke the C function sqrt library developers. of the Standard C Math library. The function is de- clared as follows in C: Introduction double sqrt(double x); We present an improved Foreign Function Interface The .C function from the base R FFI offers a call (FFI) for R that significantly reduces the amount of gate to C code with very strict conversion rules, and C wrapper code needed to interface with C.
    [Show full text]
  • Poliastro: an Astrodynamics Library Written in Python with Fortran Performance
    POLIASTRO: AN ASTRODYNAMICS LIBRARY WRITTEN IN PYTHON WITH FORTRAN PERFORMANCE Juan Luis Cano Rodríguez Helge Eichhorn Frazer McLean Universidad Politécnica de Madrid Technische Universität Darmstadt CS GmbH Madrid, Spain Darmstadt, Germany Darmstadt, Germany ABSTRACT However, the current situation of scientific codes is still delicate: most scientists and engineers that write numerical Python is a fast-growing language both for astronomic appli- software (which often features a strong algorithmic com- cations and for educational purposes, but it is often criticized ponent and has tight performance requirements) usually do for its suboptimal performance and lack of type enforcement. not have any formal training on computer programming, let In this paper we present poliastro, a pure Python library for alone software engineering best practices[3]. In fact, in the Astrodynamics that overcomes these obstacles and serves as Aerospace industry there is a sad track record of software a proof of concept of Python strengths and its suitability to failures[4, 5] that could have been avoided by following model complex systems and implement fast algorithms. better software and systems engineering practices. poliastro features core Astrodynamics algorithms (such as resolution of the Kepler and Lambert problems) written When selecting a certain programming language for a spe- in pure Python and compiled using numba, a modern just- cific problem, we as engineers have the obligation to consider in-time Python-to-LLVM compiler. As a result, preliminary as much information as possible and make an informed de- benchmarks suggest a performance increase close to the ref- cision based on technical grounds. For example, if defect erence Fortran implementation, with negligible impact in the density were to be selected as the single figure to rank the legibility of the Python source.
    [Show full text]
  • Licensing Information User Manual Mysql Enterprise Monitor 3.4
    Licensing Information User Manual MySQL Enterprise Monitor 3.4 Table of Contents Licensing Information .......................................................................................................................... 4 Licenses for Third-Party Components .................................................................................................. 5 Ant-Contrib ............................................................................................................................... 10 ANTLR 2 .................................................................................................................................. 11 ANTLR 3 .................................................................................................................................. 11 Apache Commons BeanUtils v1.6 ............................................................................................. 12 Apache Commons BeanUtils v1.7.0 and Later ........................................................................... 13 Apache Commons Chain .......................................................................................................... 13 Apache Commons Codec ......................................................................................................... 13 Apache Commons Collections .................................................................................................. 14 Apache Commons Daemon ...................................................................................................... 14 Apache
    [Show full text]
  • Release-1.11
    CFFI Documentation Release 1.11.5 Armin Rigo, Maciej Fijalkowski Feb 27, 2018 Contents 1 Goals 3 2 Comments and bugs 5 3 What’s New 7 3.1 v1.11.5..................................................7 3.2 v1.11.4..................................................7 3.3 v1.11.3..................................................8 3.4 v1.11.2..................................................8 3.5 v1.11.1..................................................8 3.6 v1.11...................................................8 3.7 Older Versions..............................................9 4 Installation and Status 17 4.1 Platform-specific instructions...................................... 18 5 Overview 21 5.1 Simple example (ABI level, in-line)................................... 21 5.2 Real example (API level, out-of-line).................................. 22 5.3 Struct/Array Example (minimal, in-line)................................ 23 5.4 Purely for performance (API level, out-of-line)............................. 24 5.5 Out-of-line, ABI level.......................................... 25 5.6 Embedding................................................ 25 5.7 What actually happened?......................................... 26 5.8 ABI versus API.............................................. 27 6 Using the ffi/lib objects 29 6.1 Working with pointers, structures and arrays.............................. 30 6.2 Python 3 support............................................. 33 6.3 An example of calling a main-like thing................................. 33 6.4 Function
    [Show full text]