The ownership of directories should be adapted so that the agent works out of the box where possible without compromising the security.
Scope
The ownership of the following directories should be adapted:
Agent directories
config
data
log
package
directory of the certificate file if the file does not exist
directory of the key file if the file does not exist
TBD: Directories which are required by the services (Kafka, Zookeeper, ...)
TBD: Directories which are specified by the operators
see also #20
Ownership
TBD: Who is responsible for defining the ownership (the agent, the operators, pre-defined, ...)?
TBD: Which owners and groups should be assigned to every directory which is in scope of this issue?
TBD: What should happen if the assignment fails, e.g. because the agent has no root privilege?
Non-existing users and groups
TBD: What should happen if non-existing users or groups should be assigned? Should they be created? What should happen if this fails?
:warning: TBD – not ready for work
The ownership of directories should be adapted so that the agent works out of the box where possible without compromising the security.
Scope
The ownership of the following directories should be adapted:
see also #20
Ownership
TBD: Who is responsible for defining the ownership (the agent, the operators, pre-defined, ...)? TBD: Which owners and groups should be assigned to every directory which is in scope of this issue? TBD: What should happen if the assignment fails, e.g. because the agent has no root privilege?
Non-existing users and groups
TBD: What should happen if non-existing users or groups should be assigned? Should they be created? What should happen if this fails?
see also #106