Running the Platform as a Non-Root User
From AgileApps Support Wiki
Revision as of 23:49, 18 July 2011 by imported>Aeric
For any installation that is public-facing, it's a good idea to make the service run as a non-root user. That way, if services are comprised, they will be more limited than if they had root access. (Here, we'll create a user called "tomcat" for that purpose.)
To run the platform as a non-root user:
1. Run this command, and copy the path it produces:
which nologin
2. Run these commands, inserting the path obtained in step #1:
groupadd tomcat useradd tomcat -g tomcat -s '{path_to_nologin}' passwd tomcat chown -hR tomcat tomcat/ chgrp -hR tomcat tomcat/ chmod 766 tomcat/logs chmod 766 tomcat/conf su tomcat
3. Stop tomcat and restart it as user tomcat.