1878753 – RFE: Allow atd(at-3.1.20-11.el8) to default to a non-root user

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1878753 - RFE: Allow atd(at-3.1.20-11.el8) to default to a non-root user

Summary: RFE: Allow atd(at-3.1.20-11.el8) to default to a non-root user

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	at
Sub Component:
Version:	8.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	8.0
Assignee:	Ondřej Pohořelský
QA Contact:	RHEL CS Apps Subsystem QE
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-09-14 13:13 UTC by XinhuaLi
Modified:	2023-12-15 19:19 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-12-15 09:54:56 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description XinhuaLi 2020-09-14 13:13:56 UTC

Description of problem:
I notice that atd service which shipped with RHEL8.2 is still running as "root" user.
-----------------------------------------------------------------------------------
# ps -aux |grep -i atd
root        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------

As we can know that we are using the source from the URL below 
-----------------------------------------------------------------------------------
Name        : at
Version     : 3.1.20
Release     : 11.el8
Architecture: x86_64
Install Date: Wed 06 May 2020 05:42:21 PM CST
Group       : System Environment/Daemons
Size        : 130702
License     : GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
Signature   : RSA/SHA256, Sat 15 Dec 2018 05:45:55 AM CST, Key ID 199e2f91fd431d51
Source RPM  : at-3.1.20-11.el8.src.rpm
Build Date  : Sun 12 Aug 2018 04:43:08 PM CST
Build Host  : x86-vm-02.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : http://ftp.debian.org/debian/pool/main/a/at
Summary     : Job spooling tools
-----------------------------------------------------------------------------------
It seems that we could run this "atd" without "root" user. 
-----------------------------------------------------------------------------------
https://salsa.debian.org/debian/base-passwd/blob/master/doc/users-and-groups.sgml
-----------------------------------------------------------------------------------

So, are there any considerations why atd shipped with RHEL8.2 is still running with "root"  ?

Version-Release number of selected component (if applicable):
-----------------------------------------------------------------------------------
at-3.1.20-11.el8.x86_64
-----------------------------------------------------------------------------------

How reproducible:
-----------------------------------------------------------------------------------
Install at and then check via "ps -aux |grep atd"
-----------------------------------------------------------------------------------

Steps to Reproduce:
-----------------------------------------------------------------------------------
1. install "at" 
2. enable "atd"
3. check via "ps -aux |grep atd"
-----------------------------------------------------------------------------------

Actual results:
-----------------------------------------------------------------------------------
# ps -aux |grep -i atd
root        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------

Expected results:
-----------------------------------------------------------------------------------
It runs as other user like 

# ps -aux |grep -i atd
daemon        1824  0.0  0.0  42624  2468 ?        Ss   Sep11   0:00 /usr/sbin/atd -f
-----------------------------------------------------------------------------------
Additional info:

Comment 6 Ondřej Pohořelský 2020-12-15 09:54:56 UTC

Because this is not a bug and customer case is closed, I close this with NOTABUG.

Feel free to reopen if this is a bug that should be fixed.

Note You need to log in before you can comment on or make changes to this bug.