Change Ownership to Non-Root User

The topic provides detailed instructions for migrating a Zephyr instance that is currently installed or managed by a root user to a non-root user.

The migration process involves transferring ownership of the Zephyr installation, Zephyr attachment files, and Zephyr managed services to the designated non-root user. Additionally, this topic outlines the creation of a non-root user if one does not already exist.

Prerequisites for Migration

Before proceeding with the migration, ensure that the following prerequisites are met:

  • A Zephyr instance is installed and operated by a root user.

  • Administrative access to the system.

  • A non-root user account that will serve as the new owner of the Zephyr instance.

Note

We are using a non-root zephyr user as an example. This user will not be created as part of Zephyr. You need to create the user separately.

Migration Steps

Following are the steps to migrate a Zephyr instance from a root user to a non-root user:

  1. Stop Zephyr.

  2. Follow the commands and steps listed below.

  3. Start Zephyr as a non-root user.

As mentioned in step 2, follow the steps, changes and their required commands given below:

  1. Migrating Zephyr installation

    Run the following command to change ownership of the Zephyr installation:

    sudo chown -R <non-root_user> <ZEPHYR_HOME>

    Example:

    sudo chown -R zephyr /opt/zephyr

  2. Migrating Zephyr attachment files

    Note

    If ZEPHYR_DATA or NODE_DATA folders are components of ZEPHYR_HOME, then you can skip those relevant commands.

    • Run the following command to change ownership of the ZEPHYR_DATA folder:

      sudo chown -R <non-root_user> <ZEPHYR_DATA>

      Example:

      sudo chown -R zephyr /opt/zephyrdata

    • Run the following command to change ownership of the NODE_DATA folder:

      sudo chown -R <non-root_user> <NODE_DATA>

      Example:

      sudo chown -R zephyr /opt/nodedata

  3. Migrating Zephyr Services

    • Run the following command to change the ownership of the symlink of ZephyrService.sh:

      sudo chown -h <non-root_user> /etc/init.d/ZephyrService.sh

      Example:

      sudo chown -h zephyr /etc/init.d/ZephyrService.sh

    • Change the user in the ZephyrService.sh file using the following steps:

      1. Open the file <ZEPHYR_HOME>/bin/ZephyrService.sh. Ex: /opt/zephyr/bin/ZephyrService.sh.

      2. Locate the following line:

        ZEPHYR_USER=root

        Change the above line to:

        ZEPHYR_USER=<non-root_user>

        Example:

        ZEPHYR_USER=zephyr

      3. Save the file.

        Note

        If you have the file /etc/systemd/system/ZephyrService.service on your system, then you need to perform the following steps additionally.

      4. You need to change the user in the system unit file using the following steps:

        1. Login as a root user.

        2. Locate the unit file here: /etc/systemd/system/ZephyrService.service.

        3. Open the file:

          User=root

          Change the above line to:

          User=<non-root_user>

          Example:

          User=zephyr

        4. Save the file.

        5. Run the following command to reload the changed configurations:

          sudo systemctl daemon-reload

You have successfully migrated your Zephyr instance from being operated by a root user to a non-root user.

In this section:
© 2024
Publication date: