Changes to /etc/init.d/varnish
Ulimit calls are not allowed when running as non-root, so we’ll have to comment them:
#ulimit -n ${NFILES:-131072}
#ulimit -l ${MEMLOCK:-82000}
You might have to substitute that with generally increased ulimits for all users/the specific user.
Also, since the script will be run as root during system startup, we need to add a check at the beginning that re-runs the script as a different user:
SCRIPT_NAME=`basename "$0"`
NEWUSER=
U=`id -nu`
if [ $U != $NEWUSER ]; the
if [ $U = "root" ]; then
echo Re-running as $NEWUSER
exec su -l $NEWUSER -c "$0 $@" || echo oops
echo done re-running as $NEWUSER
fi
echo "Script must be run from $NEWUSER or root. You are '$U'
rc_exit 1
fi
Changes to /etc/default/varnish
Varnish won’t be able to write to some default system locations now, so we have to change some things in DEAMON_OPTS:
Add:
-n /tmp/varnish
and make /etc/varnish/secret readable by the new user, i.e. via a chown:
chown -h newuser:newuser /etc/varnish/secret
Changes to /etc/init.d/varnishlog
Add this to DEAMON_OPTS:
-n /tmp/varnish
Changes to /etc/init.d/varnishncsa
Add this to DEAMON_OPTS:
-n /tmp/varnish
Permissions to logging files
Make sure “newuser” can write to log files in /var/log/varnish
George's Techblog 