[rabbitmq-discuss] Running RabbitMQ as a different user
Jason J. W. Williams
jasonjwwilliams at gmail.com
Mon Dec 19 23:53:40 GMT 2011
I believe what you're looking for then is this section from the
RabbitMQ clustering guide:
"As an alternative, you can insert the option "-setcookie cookie" in
the erl call in the rabbitmq-server and rabbitmqctl scripts."
For what it's worth, we create a rabbitmq user on every system (for us
it's in LDAP, but you could write it out to the passwd file) and set
its home directory to /var/lib/rabbitmq. We then write out the
.erlang.cookie file into /var/lib/rabbitmq on every Rabbit node using
Chef (with permissions 0600). We're running Ubuntu 10.04.x LTS.
On Mon, Dec 19, 2011 at 3:47 PM, Matt Pietrek <mpietrek at skytap.com> wrote:
> Thanks Jason.
> That's helpful, but in my admittedly limited knowledge, I don't believe that
> it's as simple as that. In particular I don't understand how handle files
> being installed with rabbitmq as the owner.
> A little more context that I forgot to mention earlier:
> I need to cluster multiple nodes so explicitly specifying the cookie is
> necessary so they're synced. Also, specifying the cookie via an environment
> variable is preferred to having an additional cookie file that I need to
> copy to multiple machines.
> I need to be able to launch everything from scratch via my own script file
> (which will be on all nodes.)
> My current thinking is that my startup script will set some RABBITMQ
> environment variables (RABBITMQ_CONFIG_FILE, RABBITMQ_SERVER_START_ARGS,
> RABBITMQ_CTL_ERL_ARGS,). The script will then directly run rabbit-server in
> /usr/lib/rabbitmq/bin. Also, RABBITMQ_CONFIG_FILE will point to the
> rabbitmq.config file that I've dropped on all nodes to set up auto
> Thanks again,
> On 12/19/11 2:31 PM, "Jason J. W. Williams" <jasonjwwilliams at gmail.com>
> Hi Matt,
> This should do it on Ubuntu:
> sudo -H -u <user> /opt/rabbitmq-server/sbin/rabbitmq-server
> The Erlang process needs to find the Erlang cookie and will check the
> home directory of the executing user. You can also specify the
> explicit location of the Erlang cookie in the RabbitMQ arguments, but
> we find using the HOME environment simpler.
> On Mon, Dec 19, 2011 at 2:58 PM, Matt Pietrek <mpietrek at skytap.com> wrote:
> We have a production environment where all of our services run in a special,
> non-root account an an Ubuntu 10.04 environment. I'm experimenting with how
> to make RabbitMQ 2.7 run in this special account, rather than as the
> "rabbitmq" user, and not having much luck.
> Extensive searching of the mailing list makes me think I'm close, but I
> suspect I'm missing something fundamental.
> I believe part of the answer involves explicitly setting the "-cookie"
> option in RABBITMQ_SERVER_START_ARGS and RABBITMQ_CTL_ERL_ARGS environment
> I also suspect that the answer also involves running the "low level" scripts
> in /usr/lib/rabbitmq/bin/, rather than the scripts in /usr/sbin/.
> Further, I suspect that some directories may need to have their ownership
> and/or attributes changed to something other than "rabbitmq".
> So what I'm looking for is a list of what exactly I need to do, both at
> launch time, as well as possibly at install time.
> FWIW, we need to launch rabbitmq-server ourselves, rather than having it
> auto start on boot. I know how to accomplish this, but it might be useful
> context when deciding how to approach the above.
> Thanks much,
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
More information about the rabbitmq-discuss