以非root用户身份运行Chef-client [英] Run the chef-client as non root user
问题描述
我想在我的linux机器上以测试用户身份运行Chef-client。为此,我将缓存路径添加到来自/etc/chef/client.rb的client.rb文件中。
cache_path〜/ .chef / cache
然后我从测试用户(非root用户)运行chef-client命令。它显示错误吗?
厨师在尝试创建客户端
如何设置缓存路径?是否有必要移动受测试用户的client.rb,chef-validator.pem,client.pem,first-boot.json?
首先,chef应该以root用户身份运行。很多资源都假设它们是root用户运行,并且需要它。如果不是以root用户身份运行,它们将失败。
对于您的错误,测试用户无权执行在 / etc / chef
(默认位置)中写入文件,并且需要写入 client.pem
节点证书。
一些想法:
- 授予
/ etc / chef
给测试用户 - 使用
sudo
与测试用户一起运行Chef客户端(需要sudoers文件中的一个条目) - 修改
client.rb
文件以指向client_key
到测试用户的主目录 - 以root用户身份首次运行chef,这样它就可以写入其节点证书,而不必在
/ etc / chef
I want to run the chef-client as a test user in my linux machine. For that, I add cache path in the client.rb file which is from /etc/chef/client.rb.
cache_path "~/.chef/cache"
Then I run the chef-client command from test user(non-root user).It shows error?
Chef encountered an error attempting to create the client
How to setup the cache-path? Is is necessary to move the client.rb,chef-validator.pem, client.pem, first-boot.json under test user?
First of all, chef is intended to be run as root. A lot of resources assume they're run as root, and need it. They will fail if not running as root.
For your error specifically, your test user has no right to write a file in /etc/chef
(default location) and it need to write the client.pem
node certificate.
Some ideas:
- Give rights on
/etc/chef
to your test user - use
sudo
to run chef client with a test user (need an entry in sudoers file) - Modify the
client.rb
file to pointclient_key
to your test user home directory - Do a first run of chef as root so it can write it's node certificate, then it won't have to write again in
/etc/chef
这篇关于以非root用户身份运行Chef-client的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!