The RightLink 10 agent has historically run as a root/Administrator user, primarily because it is a systems management agent and systems management processes often requires root/Administrator privileges.
Starting with version 10.1.2, RightLink will no longer be run as the root user,
but instead be run under the
rightlink service account with the ability to
sudo to root as needed. Scripts/recipes run through RightLink will need to sudo
to root as needed.
This was done in order to help provide finer grain control over auditing and systems management actions via sudo logs and configuration.
Starting with version 10.2.1 for Windows, RightLink will no longer run as the
Administrator user. By default, RightLink will run under a Local Administrator
RightLink. RightLink may also be run under a Domain account,
though the account should have Administrative permissions for the box.
On Linux, RightLink can operate without root privileges. The only operations that require sudo are:
- rebooting or shutting down the server
- RightScripts that use sudo to gain security privileges of any user, including 'root'
- in order to change system configuration
On Windows, RightLink should have Administrative privileges to reboot/shutdown the server.
Since RightLink now runs without elevated permissions by default, sudo must be used for any administrative actions in RightScripts. For example:
apt-get install -y collectd
Will change to:
sudo apt-get install -y collectd
If a RightScript contains numerous options that require administrative permissions, the hashbang of the script may be altered to run the entire script as sudo. For example:
Can be changed to:
During RightLink installation, a
rightlink user is created for the rightlink service. In order to be able to do systems configuration, sudo permission is given by default to the
Sudo permission for the
rightlink account can be locked down to more specific permissions by altering the
sudo config at
/etc/sudoers.d/90-rightscale. This file is created during RightLink
installation but is not subsequently modified and may be altered as needed.
If modifying sudo, make sure to add in a minimal set for RightLink to function,
RightLink Operation, shown below:
# Rightlink service startup requires these directives: Defaults:root !requiretty Defaults:rightlink !requiretty Defaults:rightlink !env_reset root ALL=(ALL) SETENV:ALL # Blanket permissions. If you wish to remove the NOPASSWD:ALL line and tighten # permissions, you must add in permissions for lifecycle management (reboot/terminate) # via /sbin/init. The single line below would allow this: # rightlink ALL=(root) NOPASSWD:/sbin/init rightlink ALL=(ALL) SETENV:NOPASSWD:ALL
An example of a more locked down config is show below:
# Rightlink service startup requires these directives: Defaults:root !requiretty Defaults:rightlink !requiretty Defaults:rightlink !env_reset root ALL=(ALL) SETENV:ALL # Needed by Rightlink for lifecycle management (reboot/terminate) rightlink ALL=(root) NOPASSWD:/sbin/init # Some user directives examples. # Rightlink can only start/stop services rightlink ALL=(ALL) NOPASSWD:/sbin/service
An in-place upgrade from 10.0.x to 10.2.x using the RightLink Base ServerTemplate upgrade script is not possible, as the init scripts and Base ServerTemplate scripts have changed in incompatible ways.
If you launched a RightScale Server directly by bootstrapping via cloud-init, then there is currently no way to upgrade from 10.0.x to 10.2.x - you must relaunch a new server with the RightLink 10 10.2.x Linux / Windows Base ServerTemplate.