From 7e41c5bf22ca82e636d511a54a7cf2e9bc8c9362 Mon Sep 17 00:00:00 2001 From: Nick Hilliard Date: Sat, 9 Jul 2016 22:14:39 +0100 Subject: oxidized should be run as its own username, not as root --- README.md | 8 ++++++++ extra/oxidized.service | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6c7e381..281901c 100644 --- a/README.md +++ b/README.md @@ -166,6 +166,14 @@ gem install oxidized-script oxidized-web Oxidized configuration is in YAML format. Configuration files are subsequently sourced from ```/etc/oxidized/config``` then ```~/.config/oxidized/config```. The hashes will be merged, this might be useful for storing source information in a system wide file and user specific configuration in the home directory (to only include a staff specific username and password). Eg. if many users are using ```oxs```, see [Oxidized::Script](https://github.com/ytti/oxidized-script). +It is recommended practice to run Oxidized using its own username. This username can be added using standard command-line tools: + +``` +useradd oxidized +``` + +It is recommended not to run Oxidized as root. + To initialize a default configuration in your home directory ```~/.config/oxidized/config```, simply run ```oxidized``` once. If you don't further configure anything from the output and source sections, it'll extend the examples on a subsequent ```oxidized``` execution. This is useful to see what options for a specific source or output backend are available. You can set the env variable `OXIDIZED_HOME` to change its home directory. diff --git a/extra/oxidized.service b/extra/oxidized.service index 65063b7..ba60bd5 100644 --- a/extra/oxidized.service +++ b/extra/oxidized.service @@ -6,7 +6,7 @@ Description=Oxidized - Network Device Configuration Backup Tool [Service] ExecStart=/usr/local/bin/oxidized -User=root +User=oxidized [Install] WantedBy=multi-user.target -- cgit v1.2.1