Update the macos installer scripts to create a low privileged, non interactive, service "role" pseudo account on the system.
Update the "plist" so that the collector will run under this pseudo account.
Chown a few of the directories and files in the installation directory so that the service can function with these reduced privileges. This is just enough to let the service create the Unix domain socket and write to the install/stdout/stderr logs. The remainder of the installation is still owned by root and are read-only to the service.
Update the macos installer scripts to create a low privileged, non interactive, service "role" pseudo account on the system.
Update the "plist" so that the collector will run under this pseudo account.
Chown a few of the directories and files in the installation directory so that the service can function with these reduced privileges. This is just enough to let the service create the Unix domain socket and write to the install/stdout/stderr logs. The remainder of the installation is still owned by root and are read-only to the service.
The user name "_trace2" is used by default.