Bug 1878753

Summary: RFE: Allow atd(at-3.1.20-11.el8) to default to a non-root user
Product: Red Hat Enterprise Linux 8 Reporter: XinhuaLi <xili>
Component: atAssignee: Ondřej Pohořelský <opohorel>
Status: CLOSED NOTABUG QA Contact: RHEL CS Apps Subsystem QE <rhel-cs-apps-subsystem-qe>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.2CC: kwalker
Target Milestone: rcKeywords: FutureFeature
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-12-15 09:54:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description XinhuaLi 2020-09-14 13:13:56 UTC 
Description of problem:
I notice that atd service which shipped with RHEL8.2 is still running as "root" user.
-----------------------------------------------------------------------------------
# ps -aux |grep -i atd
root        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------

As we can know that we are using the source from the URL below 
-----------------------------------------------------------------------------------
Name        : at
Version     : 3.1.20
Release     : 11.el8
Architecture: x86_64
Install Date: Wed 06 May 2020 05:42:21 PM CST
Group       : System Environment/Daemons
Size        : 130702
License     : GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
Signature   : RSA/SHA256, Sat 15 Dec 2018 05:45:55 AM CST, Key ID 199e2f91fd431d51
Source RPM  : at-3.1.20-11.el8.src.rpm
Build Date  : Sun 12 Aug 2018 04:43:08 PM CST
Build Host  : x86-vm-02.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : http://ftp.debian.org/debian/pool/main/a/at
Summary     : Job spooling tools
-----------------------------------------------------------------------------------
It seems that we could run this "atd" without "root" user. 
-----------------------------------------------------------------------------------
https://salsa.debian.org/debian/base-passwd/blob/master/doc/users-and-groups.sgml
-----------------------------------------------------------------------------------

So, are there any considerations why atd shipped with RHEL8.2 is still running with "root"  ?

Version-Release number of selected component (if applicable):
-----------------------------------------------------------------------------------
at-3.1.20-11.el8.x86_64
-----------------------------------------------------------------------------------

How reproducible:
-----------------------------------------------------------------------------------
Install at and then check via "ps -aux |grep atd"
-----------------------------------------------------------------------------------

Steps to Reproduce:
-----------------------------------------------------------------------------------
1. install "at" 
2. enable "atd"
3. check via "ps -aux |grep atd"
-----------------------------------------------------------------------------------

Actual results:
-----------------------------------------------------------------------------------
# ps -aux |grep -i atd
root        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------

Expected results:
-----------------------------------------------------------------------------------
It runs as other user like 

# ps -aux |grep -i atd
daemon        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------
Additional info:
Comment 6 Ondřej Pohořelský 2020-12-15 09:54:56 UTC 
Because this is not a bug and customer case is closed, I close this with NOTABUG.

Feel free to reopen if this is a bug that should be fixed.