Best practice for running Linux Tentacle

I’ve installed a Linux tentacle and it looks like by default, it installs and runs as root. Is there a way to specify at the machine level that deployment scripts should run as a certain user for given deployments? I.e. we wouldn’t want to allow developers to write bash scripts that will run as root because then it could do something destructive. Or is the only way to limit what a deployment script could do is to have the Tentacle service run under a different service account?


Hi Gary,

Thanks for getting in touch!

The permissions of the tentacle and any scripts it runs are controlled by the account that the service is running as. So, the best option here would be to create a new account for the Tentacle service, assign the desired permissions and then switch the Tentacle service to that user account.

We are also in the initial stages of providing a root-less Tentacle installation too. We’re hoping that this will be available within the next month or so.


This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.