chef - [chef] Re: Is it possible for the chef server to run as a non-root user?

First login ?
Lost password ?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Is it possible for the chef server to run as a non-root user?

From: Stephen Delano < >
To: " " < >
Subject: [chef] Re: Is it possible for the chef server to run as a non-root user?
Date: Fri, 11 Apr 2014 15:10:10 -0700

Hi Stephen,

Unfortunately, it looks like Open Source Chef Server is configured to run all of the services as root. Take a look here: https://github.com/opscode/omnibus-chef-server/search?q=root&ref=cmdform

It wouldn't be a ton of work to update those configuration recipes to run the services as another user (chef-server, for instance) or even create a user per-service for segregation. Additionally, the Chef Server API listens on ports 80 and 443, which both require root privileges to bind to.

On Fri, Apr 11, 2014 at 12:08 PM, Stephen Corbesero < " target="_blank"> > wrote:

In light of the recent heartbleed ugliness, I have been asked if we must run our (open source) chef servers as root, or if they can be run as a non-privileged user?

If so, is there documentation for how to do it?

--

Stephen Corbesero, DevOps Engineer

Synchronoss - Mobile Innovation for a Connected World

Office: +1 484-821-4272

" target="_blank"> | www.synchronoss.com

--
Stephen Delano
Software Development Engineer
Opscode, Inc.
1008 Western Avenue
Suite 601
Seattle, WA 98104

[chef] Is it possible for the chef server to run as a non-root user?, Stephen Corbesero, 04/11/2014
- [chef] Re: Is it possible for the chef server to run as a non-root user?, Stephen Delano, 04/11/2014
- [chef] Re: Is it possible for the chef server to run as a non-root user?, DV, 04/18/2014