[rabbitmq-discuss] How do I protect rabbitmqctl?

• Previous message: [rabbitmq-discuss] How do I protect rabbitmqctl?
• Next message: [rabbitmq-discuss] How do I protect rabbitmqctl?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/02/11 13:00, Max Bridgewater wrote:
> I've got a pretty simple question. I created a user called "root",
> then I set this user to admin (rabbitmqctl set_admin root) and cleared
> admin rights from from all other users (guest, etc.). Now, similar as
> when using mysql client, I was expecting that at some point, the tool
> rabbitmqctl would require credentials for creating new users and
> setting permissions. This doesn't seem to be the case. I'm missing
> something?

rabbitmqctl connects to Rabbit using the Erlang cookie. Possession of 
this cookie is equivalent to being an admin user (the admin user flag is 
used by the management plugin).

If you installed from .deb / RPM packages the cookie file should only be 
available to the rabbitmq user (and thus root via the script wrappers). 
If you installed by hand, check your home directory for .erlang.cookie 
and set permissions as appropriate.

Cheers, Simon
-- 
Simon MacMullen
Staff Engineer, RabbitMQ
SpringSource, a division of VMware

• Previous message: [rabbitmq-discuss] How do I protect rabbitmqctl?
• Next message: [rabbitmq-discuss] How do I protect rabbitmqctl?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]