Changign system user that runs Redmine

Added by Rok Novak over 2 years ago

Hey everyone,

I installed Redmine following instructions at https://gist.github.com/rotexdegba/e39b6b4f85ac580fe5e0434dbb00beb0. I was unable to delve deeper because I have zero Ruby knowledge :(

Since then I was able to install some plugins and a newer theme. I've also set up automatic backups so we can start using it in production.

But it dawned to me that using non-designated/non-system user (login user with sudo privileges to be exact) to run Redmine might pose a security risk.

Is there a simple way to change owner of `Passenger RubyApp: /opt/redmine/redmine-3.4 (production)` process?

Thank you for reading and cheers!

Replies (2)

RE: Changign system user that runs Redmine - Added by Go MAEDA over 2 years ago

Rok Novak wrote:

Is there a simple way to change owner of `Passenger RubyApp: /opt/redmine/redmine-3.4 (production)` process?

You can use PassengerDefaultUser to switch the user.

https://gist.github.com/rotexdegba/e39b6b4f85ac580fe5e0434dbb00beb0#file-linux-rails-and-redmin-in-ubuntu-1604-mint18-sh-L61
https://www.phusionpassenger.com/library/config/apache/reference/#passengerdefaultuser

I recommend reading the following article too.

https://www.phusionpassenger.com/library/deploy/apache/user_sandboxing.html

RE: Changign system user that runs Redmine - Added by Rok Novak over 2 years ago

That was so surprisingly easy. Thank you very much!

(1-2/2)