<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; "><div>As a follow up to this thread, and in case somebody else can learn from my learning experience, here are the steps that seem to work for me to run RabbitMQ as a non-root/non-rabbitmq user.</div><div><br></div><div>In addition, I needed to set up clustering, management plugins, and make rabbitmq not autostart at boot. This is using RabbitMQ 2.7 on Ubuntu 10.04. YMMV. </div><div><br></div><div>If anybody sees any pitfalls with the approach below, please feel free to holler.</div><div><br></div><div>---- SETUP ----</div><div><div># Do a fresh install</div><div>sudo apt-get install -y rabbitmq-server</div><div><br></div><div># Enable management plugin</div><div>sudo rabbitmq-plugins enable rabbitmq_management</div><div><br></div><div># Shut down the rabbitmq server</div><div>sudo rabbitmqctl stop</div><div><br></div><div># Remove the mnesia directory, which was created as user rabbitmq, not what we want.</div><div>sudo rm -rf /var/lib/rabbitmq/mnesia</div><div><br></div><div># Prevent rabbitmq from auto starting on boot</div><div>sudo update-rc.d -f rabbitmq-server remove</div><div><br></div><div># Rename the rabbitmq supplied commands that enforce user==rabbitmq or root</div><div># This prevents innocent people from inadvertently using them. Entirely optional.</div><div>sudo mv /usr/sbin/rabbitmqctl /usr/sbin/rabbitmqctl_dont_use</div><div>sudo mv /usr/sbin/rabbitmq-plugins /usr/sbin/rabbitmq-plugins_dont_use</div><div>sudo mv /usr/sbin/rabbitmq-server /usr/sbin/rabbitmq-server_dont_use</div><div><br></div><div># Change ownership of all files previously created by RabbitMQ to desired_user</div><div>sudo chown -R desired_user:desired_user /var/lib/rabbitmq</div><div>sudo chown -R desired_user: desired_user /var/log/rabbitmq</div></div><div>----</div><div><br></div><div><br></div><div>---- Launching as desired_user ----</div><div><div>export RABBITMQ_CONFIG_FILE=/home/desired_user/config/rabbitmq</div><div>export RABBITMQ_SERVER_ERL_ARGS="-setcookie rabbit"</div><div>export RABBITMQ_CTL_ERL_ARGS="-setcookie rabbit"</div></div><div><br></div><div># Note that this is not the "normal" rabbitmq-server script in /usr/sbin/</div><div>/usr/lib/rabbitmq/bin/rabbitmq-server start</div><div>----</div><div><br></div><div>Finally, in /home/desired_user/config/rabbitmq<b><u>.Config:</u></b></div><div><br></div><div><div>[</div><div> {rabbit,</div><div> [{cluster_nodes, ['rabbit@play', 'rabbit@play2']}</div><div> ]</div><div> }</div><div>].</div><div style="text-decoration: underline; font-weight: bold; "><br></div></div><div>Matt</div><div><br></div><div>On 12/19/11 3:53 PM, "Jason J. W. Williams" <<a href="mailto:jasonjwwilliams@gmail.com">jasonjwwilliams@gmail.com</a>> wrote:</div><div><br></div><blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE" style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0 0 0 5;"><div>I believe what you're looking for then is this section from the</div><div>RabbitMQ clustering guide:</div><div><br></div><div>"As an alternative, you can insert the option "-setcookie cookie" in</div><div>the erl call in the rabbitmq-server and rabbitmqctl scripts."</div><div><br></div><div><a href="http://www.rabbitmq.com/clustering.html">http://www.rabbitmq.com/clustering.html</a></div><div><br></div><div>For what it's worth, we create a rabbitmq user on every system (for us</div><div>it's in LDAP, but you could write it out to the passwd file) and set</div><div>its home directory to /var/lib/rabbitmq. We then write out the</div><div>.erlang.cookie file into /var/lib/rabbitmq on every Rabbit node using</div><div>Chef (with permissions 0600). We're running Ubuntu 10.04.x LTS.</div><div><br></div><div><br></div><div>-J</div><div><br></div><div>On Mon, Dec 19, 2011 at 3:47 PM, Matt Pietrek <<a href="mailto:mpietrek@skytap.com">mpietrek@skytap.com</a>> wrote:</div><blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE" style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0 0 0 5;"><div> Thanks Jason.</div><div><br></div><div> That's helpful, but in my admittedly limited knowledge, I don't believe that</div><div> it's as simple as that. In particular I don't understand how handle files</div><div> being installed with rabbitmq as the owner.</div><div><br></div><div> A little more context that I forgot to mention earlier:</div><div><br></div><div> I need to cluster multiple nodes so explicitly specifying the cookie is</div><div> necessary so they're synced. Also, specifying the cookie via an environment</div><div> variable is preferred to having an additional cookie file that I need to</div><div> copy to multiple machines.</div><div> I need to be able to launch everything from scratch via my own script file</div><div> (which will be on all nodes.)</div><div><br></div><div> My current thinking is that my startup script will set some RABBITMQ</div><div> environment variables (RABBITMQ_CONFIG_FILE, RABBITMQ_SERVER_START_ARGS,</div><div> RABBITMQ_CTL_ERL_ARGS,). The script will then directly run rabbit-server in</div><div> /usr/lib/rabbitmq/bin. Also, RABBITMQ_CONFIG_FILE will point to the</div><div> rabbitmq.config file that I've dropped on all nodes to set up auto</div><div> clustering.)</div><div><br></div><div> Thanks again,</div><div><br></div><div> Matt</div><div><br></div><div> On 12/19/11 2:31 PM, "Jason J. W. Williams" <<a href="mailto:jasonjwwilliams@gmail.com">jasonjwwilliams@gmail.com</a>></div><div> wrote:</div><div><br></div><div> Hi Matt,</div><div><br></div><div> This should do it on Ubuntu:</div><div><br></div><div> sudo -H -u <user> /opt/rabbitmq-server/sbin/rabbitmq-server</div><div><br></div><div> The Erlang process needs to find the Erlang cookie and will check the</div><div> home directory of the executing user. You can also specify the</div><div> explicit location of the Erlang cookie in the RabbitMQ arguments, but</div><div> we find using the HOME environment simpler.</div><div><br></div><div> -J</div><div><br></div><div> On Mon, Dec 19, 2011 at 2:58 PM, Matt Pietrek <<a href="mailto:mpietrek@skytap.com">mpietrek@skytap.com</a>> wrote:</div><div><br></div><div> We have a production environment where all of our services run in a special,</div><div> non-root account an an Ubuntu 10.04 environment. I'm experimenting with how</div><div> to make RabbitMQ 2.7 run in this special account, rather than as the</div><div> "rabbitmq" user, and not having much luck.</div><div><br></div><div> Extensive searching of the mailing list makes me think I'm close, but I</div><div> suspect I'm missing something fundamental.</div><div><br></div><div> I believe part of the answer involves explicitly setting the "-cookie"</div><div> option in RABBITMQ_SERVER_START_ARGS and RABBITMQ_CTL_ERL_ARGS environment</div><div> variables.</div><div> I also suspect that the answer also involves running the "low level" scripts</div><div> in /usr/lib/rabbitmq/bin/, rather than the scripts in /usr/sbin/.</div><div> Further, I suspect that some directories may need to have their ownership</div><div> and/or attributes changed to something other than "rabbitmq".</div><div><br></div><div> So what I'm looking for is a list of what exactly I need to do, both at</div><div> launch time, as well as possibly at install time.</div><div><br></div><div> FWIW, we need to launch rabbitmq-server ourselves, rather than having it</div><div> auto start on boot. I know how to accomplish this, but it might be useful</div><div> context when deciding how to approach the above.</div><div><br></div><div> Thanks much,</div><div><br></div><div> Matt</div><div><br></div><div><br></div><div><br></div><div> _______________________________________________</div><div> rabbitmq-discuss mailing list</div><div> <a href="mailto:rabbitmq-discuss@lists.rabbitmq.com">rabbitmq-discuss@lists.rabbitmq.com</a></div><div> <a href="https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss">https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss</a></div><div><br></div><div><br></div></blockquote><div><br></div></blockquote></body></html>