Allow splunk to run as a non-root user on RedHat #72
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Splunk's packages expect the search head and indexer at least to run as the "splunk" user rather than root, and on machines that don't need to read protected log files, this is preferable for security. This pull request adds support for running Splunk as a user other than root on RedHat systems.
The init.pp and params.pp files are updated with user and group variables, and any hardcoded references to the root user have been replaced with these variables. A "sysconfig" file has been added to pass the desired user through to the RedHat init script, and the init script updated to run the splunk commands as the desired user using su.
The default user/group is root for backward compatibility, so this should be a noop when merged in. Since I don't have any Debian systems I've not updated the Debian init scripts as I won't be able to test.