nicsftpagent.sh running as account other than root?
I'm looking at my first nicsftpagent.sh setup and I see the docs want everything running as root. Is this really necessary? Is there any reason the script can not run as a user with appropriate access to the logs that need to be sent (Apache and Apache Tomcat).
As long as I do the script setup, key creation, and initial SFTP connection as that user, it doesn't seem like this should be a problem. Is anyone else running this way?
I opened a case and Support says we should follow the documented process.
As per envision NIC SFTP Agent Script document, you are requested to login as root to complete the setup.
This is to avoid any possible permission issue when accessing the associated folder/files, so as to make sure the procedure/script will work.
I think it is possible you can use a non-root user account with appropriate privilege assigned to all the related folders/files.
However, envision engineering recommends you use root account as this is certified procedure.
We will probably give the setup a try with a dedicated user account to see if we can stay compliant with our security guidelines.
It works with a non-root user. Just have your Unix admins create a user and make sure that it has the permissions it needs to access the log files and sftp/scp them to enVision.