Purpose
This KB describes steps to configure the installed Traceable Platform Agent service to run as a non-root user on a Linux machine.
Steps
Configure the Service
Modify the file /etc/systemd/system/traceable.service and add the following User
and Group
directives to the [Service]
section:
[Service] ... User=<<NON-ROOT-USER>> Group=<<NON-ROOT-GROUP>>
Change the Directory Ownership
The following directory permissions need to change to allow the service to access them:
sudo systemctl stop traceable.service
sudo chown -R <<NON-ROOT-USER>>:<<NON-ROOT-GROUP>> /etc/traceable sudo chown -R <<NON-ROOT-USER>>:<<NON-ROOT-GROUP>> /var/traceable sudo chown -R <<NON-ROOT-USER>>:<<NON-ROOT-GROUP>> /usr/lib/traceable
sudo systemctl start traceable.service
Troubleshooting
In case of any errors or if the Agent fails to startup check the following logs:
- Agent logs at /etc/traceable/log
- Check the Service logs by running
sudo journalctl -xeu traceable.service