Hi folks,

We have been telling people forever not to run things as root. Most
packages that run system things create users for that purpose.

Every time I think of our machine and unit agents running as root, I end
up feeling a little guilty. Why is this fine for us?

However, we can't just make a change and expect everything to work.

Firstly, there are the charms: they expect "apt-get install" to work, and
if we change our user, it won't.

A suggestion would be to make an option for the environment to use non-root
users for the agents, and default it to false.  This would allow us to
create environments where we do have non-root users and at least make
sure all our stuff works.

Then we could move to a QA mode where all charms get tested to make sure
that for any privileged action, it uses 'sudo'.  This gives us
privileged action logging.

What are your thoughts?

Tim

-- 
Juju-dev mailing list
Juju-dev@lists.ubuntu.com