Allow to run services with custom user #297
Conversation
mamedin
force-pushed
the
dev/system-users
branch
from
d29b5e9 to
6929e1a
Compare
|
Hi @scollazo , thanks for the PR :) I have some questions/requests: 1) Do we need to create the users and groups here?: https://github.com/artefactual-labs/ansible-archivematica-src/blob/qa/1.x/tasks/common.yml#L7-L17 2) Does it make sense to create new variables for home directories, gids and uids? Probably the home directories could be something like: "/var/lib/{{ archivematica_src_am_system_user }}" In this case, the am directory should be created here: And the SS home directory needs to be created in a separate task. 3) The AtoM user tasks in the am-configure section needs a review: 4) After the qa/1.x rebase, these lines needs a change: |
I avoided creating them on purpose, as they might be already created using active directory or other means.
Besides changing the effective UID/GID for the Archivematica processess, I didn't want to mess too much with the current setttings. In my current use case, the user was created with /var/lib/archivematica as home directory, so there wasn't a need to do this. Do you think it would help in other cases?
Could you be more specific?
I'll fix those conflicts /santi |
|
@mamedin ping |
scollazo
force-pushed
the
dev/system-users
branch
from
6929e1a to
b4da687
Compare
In some envs, archivematica needs to run with an user different than "archivematica" This pr adds two configuration default to allow so: - archivematica_src_am_system_user - archivematica_src_am_system_group - archivematica_src_ss_system_user - archivematica_src_ss_system_group
scollazo
force-pushed
the
dev/system-users
branch
from
b4da687 to
fda8517
Compare
In some envs, archivematica needs to run with an user different than
"archivematica"
This pr adds two configuration default to allow so:
Connects to #307