Tracked in Github Issues as https://github.com/canonical/cloud- init/issues/2483
** Bug watch added: github.com/canonical/cloud-init/issues #2483 https://github.com/canonical/cloud-init/issues/2483 ** Changed in: cloud-init Status: Confirmed => Expired -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to cloud-init. https://bugs.launchpad.net/bugs/1373491 Title: feature request: option to run user-data as non-root Status in cloud-init: Expired Bug description: We have a use case where we want to offer users cloudable services (AWS, Openstack), but *without* the possiblity of getting root access. We can lock down an instance of course, by denying root logins and removing the instance user from sudo, or restricting the rules. But we'd like to still allow user-controlled user-data. The idea is that a user might boot a machine with user-data that say, wget's a .war into the tomcat directory, or changes a configuration file that isn't system-wide. Or even bootstraps their $HOME/.bashrc, etc. files. Right now, the user-data option is going to run everything as root, meaning they must specifically fixup ownership and permissions, not the mention that they could do really whatever they want. My proposal would therefore be some sort of option, like user-data- account: www. If not specified, it defaults to root. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/1373491/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
