Running the Platform as a Non-Root User

From AgileApps Support Wiki
Revision as of 23:49, 18 July 2011 by imported>Aeric

For any installation that is public-facing, it's a good idea to make the service run as a non-root user. That way, if a service is compromised, it can do less damage than it could with root access. (Here, we'll create a user called "tomcat" for that purpose.)

To run the platform as a non-root user:

1. Run this command, and copy the path it produces:

which nologin

2. Run these commands, inserting the path obtained in step #1:

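groupadd tomcat
useradd tomcat -g tomcat -s '{path_to_nologin}'
passwd tomcat
# Give the tomcat user and group ownership of the installation directory
chown -hR tomcat tomcat/
chgrp -hR tomcat tomcat/
# Directories need the execute (search) bit; mode 666 would leave them unusable and world-writable
chmod 750 tomcat/logs
chmod 750 tomcat/conf
# The account's shell is nologin, so name a shell explicitly when switching to it
su -s /bin/sh tomcat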

3. Stop tomcat and restart it as user tomcat.
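
To confirm the result of the steps above, here is an added example (not part of the original wiki page or the platform's own tooling): a POSIX shell audit of the directory modes, the account's shell, and the user that owns the running Tomcat JVM. The function names and the install-directory argument are hypothetical, and matching the JVM by Tomcat's startup class `org.apache.catalina.startup.Bootstrap` is this example's choice.

```shell
#!/bin/sh
# Added example: audit of the non-root Tomcat setup (not the platform's own tooling).
# Assumed names: account "tomcat", install directory given as the first argument.

# Succeeds if DIR is a directory whose owner can read, write and search it
# (mode bits 700 all set) and which is not world-writable (bit 002 clear).
dir_mode_ok() {
    [ -n "$(find "$1" -prune -type d -perm -700 ! -perm -002 -print 2>/dev/null)" ]
}

# Succeeds if USER's shell in PASSWD_FILE (default /etc/passwd) is nologin or false.
shell_is_nologin() {
    shell=$(awk -F: -v u="$1" '$1 == u { print $7 }' "${2:-/etc/passwd}")
    case "${shell##*/}" in
        nologin|false) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads "user command-line" rows (the output of: ps -eo user=,args=) on stdin and
# prints the owner of every Tomcat JVM. Bootstrap is Tomcat's startup class.
tomcat_owners() {
    awk '/org\.apache\.catalina\.startup\.Bootstrap/ { print $1 }' | sort -u
}

# Full audit of an install directory; returns non-zero if any check fails.
audit() {
    rc=0
    for d in "$1/logs" "$1/conf"; do
        dir_mode_ok "$d" || { echo "FAIL: $d mode is unusable or world-writable"; rc=1; }
    done
    shell_is_nologin tomcat || { echo "FAIL: tomcat has a login shell"; rc=1; }
    owners=$(ps -eo user=,args= | tomcat_owners)
    case "$owners" in
        tomcat) ;;
        "") echo "WARN: no Tomcat process found" ;;
        *) echo "FAIL: Tomcat running as: $owners"; rc=1 ;;
    esac
    return "$rc"
}

# Run the audit only when an install directory is given on the command line.
if [ "$#" -ge 1 ]; then audit "$1"; fi
```

Run it with the installation directory as its only argument after completing step 3; a non-zero exit status means at least one check failed.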