-
Notifications
You must be signed in to change notification settings - Fork 127
Installation serviceuser
HOWTO run archipel not as root
This is "work in progress". Expect some things not to work/to break until this HOWTO is finished.
-
Create a user like this:
useradd -c "archipel service user" -G kvm,libvirtd,ejabberd archipel
-
Give ownership to the created user:
chown -R archipel /vm/* chgrp archipel /var/log/archipel chmod g+w /var/log/archipel install -o archipel -d /var/lock/archipel chgrp archipel /etc/archipel /etc/archipel/archipel.conf chmod g+r /etc/archipel/archipel.conf chown -R archipel /var/lib/archipel/* chgrp -R libvirtd /etc/libvirt/qemu chmod -R g+rw /etc/libvirt/qemu
chgrp -R libvirtd /var/lib/libvirt chmod -R g+w /var/lib/libvirt chgrp -R libvirtd /var/lib/archipel chmod -R g+w /var/lib/archipel chmod g+w /var/lib/ejabberd/* chmod g+x /var/lib/ejabberd
-
Change the settings in /etc/init.d/archipel
a) Set the lockfile to be in the new folder (subsys is not used here)
[...] lockfile=/var/lock/archipel/archipel.lock [...]
b) In the "start" section add the user and change the logfile location
su -l archipel -c "$ARCHIPEL --config=$ARCHIPEL_CONF_FILE" >>/var/log/archipel/archipel-startup.log 2>&1