habitat-sh / core-plans

Core Habitat Plan definitions

Make sure packages don't run as root for no reason #1467

Open rsertelon opened 6 years ago

rsertelon commented 6 years ago

There are packages in core-plans that run as root; for some this is required (privileged ports, for example), but for others it is not, and shouldn't. Here's the list, with a note about whether it is right or not.

| Package | Should use root? |
| --- | --- |
| sumologic | - |
| systemd | Yes - monitors and manages processes |
| monit | Yes - monitors and manages processes |
| shield | - |
| wordpress-proxy | - |
| artifactory-pro | No |
| sensu | - |
| shield-proxy | - |
| wordpress | - |
| consul | No - modified to use another user. |
| vault | - |
| rngd | - |
| postfix | Yes - opens privileged port + drops privileges |
| openresty | - |
| traefik | - |
| jenkins | No - #1043 |
| mssql | - |
| sscache | - |
| etcd | - |
| shield-agent | - |
| grafana | No |
| openssh | Yes |
| certstrap | - |
| nginx | Yes - opens privileged port + drops privileges (check that it does) |
| telegraf | Yes - /proc access |
| httpd | Yes - opens privileged port + drops privileges |
| drupal | - |
| dd-agent | - |

While we try to determine whether these should or should not use root, we also have to devise a plan to change those that need to be.

@adamhjk on Slack proposed that we could use hooks to inform users about breakage when they install the new version, so they can try to mitigate the problem.

If you have the answer for any package listed above, please comment on this issue :)
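
An audit of the kind behind the list above, as an added example that is not part of the original issue or the core-plans repository: it walks a checkout and reports the plans whose `pkg_svc_user` plan variable is set to `root`. The `<plan-name>/plan.sh` layout and the sample tree are assumptions constructed for the demonstration.

```shell
#!/bin/sh
# Added example: list Habitat plans whose service is configured to run as root.
# Assumptions: plans live at <plan-name>/plan.sh and set the service user with
# the pkg_svc_user plan variable (Habitat falls back to "hab" when it is unset).

# Print the pkg_svc_user value assigned in one plan.sh (last assignment wins).
# Prints nothing when the variable is unset or only appears in a comment.
svc_user_of() {
  sed -n -E "s/^[[:space:]]*pkg_svc_user=[\"']?([^\"'[:space:]#]*).*/\1/p" "$1" | tail -n 1
}

# Print the plan directory name for every plan under $1 that runs as root.
audit_root_plans() {
  local root="$1" plan user
  find "$root" -type f -name plan.sh | sort | while IFS= read -r plan; do
    user="$(svc_user_of "$plan")"
    if [ "$user" = "root" ]; then
      basename "$(dirname "$plan")"
    fi
  done
}

# Build a small constructed tree (not real core-plans content) and print its path.
make_sample_tree() {
  local d
  d="$(mktemp -d)"
  mkdir -p "$d/alpha" "$d/beta" "$d/gamma" "$d/delta"
  printf 'pkg_name=alpha\npkg_svc_user="root"\npkg_svc_group="root"\n' > "$d/alpha/plan.sh"
  printf 'pkg_name=beta\npkg_svc_user=hab\n' > "$d/beta/plan.sh"
  # Commented-out assignment: must not be reported.
  printf 'pkg_name=gamma\n# pkg_svc_user=root\n' > "$d/gamma/plan.sh"
  # Indented, single-quoted, with a trailing comment: must be reported.
  printf "pkg_name=delta\n  pkg_svc_user='root' # needs port 25\n" > "$d/delta/plan.sh"
  printf '%s\n' "$d"
}

# When given a directory argument, audit it.
if [ $# -gt 0 ]; then
  audit_root_plans "$1"
fi
```

Each reported plan still needs the manual review the table records: whether root is needed only to bind a privileged port before dropping privileges, or not at all.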

Atalanta commented 6 years ago

baggerspion commented 6 years ago

Yes, the core/drupal plan will be refactored before I show up to Chefconf. Otherwise it will just be embarrassing. However, the reason for running as root is because it is being served by core/nginx (also in this list).