Administering GreenArrow Without root Access
- Table of Contents
- Managing & Administering the Software
GreenArrow must be installed using the
root user account. After installation, most management and administration of the software can be performed using
Upgrading GreenArrow requires upgrading operating system packages.
The upgrade must either be done as
root or using
sudo as a user who has permission to run all upgrade procedure commands.
Managing & Administering the Software
Management and administration of the software can be done by changing file permission and giving
sudo access to specific commands.
Editing Configuration Files
You can modify the file permissions in
/var/hvmail/control/ so that they can be edited from your non-
root user account.
You could also make all of these files owned by a group that your non-
root user belongs to, make these files owned by that group, and grant read/write permission to “group” on those files.
Filesystem permission updates will need to be re-run after every GreenArrow package update because package updates reset the permissions.
You could also provide
sudo access to create, overwrite, and delete files in this directory.
You will need to allow many commands to be run as
Here is a list. As far as we know it is complete. As you administer the software you may discover more commands in the documentation that need to be added to this list.
/var/hvmail/bin/greenarrow /var/hvmail/bin/greenarrow_blockers /var/hvmail/bin/greenarrow_config /var/hvmail/bin/greenarrow_convert_powermta_configuration /var/hvmail/bin/greenarrow_status /var/hvmail/bin/hvmail_check_config /var/hvmail/bin/hvmail_check_events_table /var/hvmail/bin/hvmail_db_test /var/hvmail/bin/hvmail_event_processor /var/hvmail/bin/hvmail_hw_specs /var/hvmail/bin/hvmail_init /var/hvmail/bin/hvmail_postgres_manager /var/hvmail/bin/hvmail_report /var/hvmail/bin/hvmail_set /var/hvmail/bin/hvmail_speed_test /var/hvmail/bin/hvmail_status /var/hvmail/bin/hvmail_unmanged_backup /var/hvmail/bin/hvmail_update_httpd_config /var/hvmail/bin/hvmail_update_tcprules /var/hvmail/djb/bin/svc /var/hvmail/djb/bin/svstat
/var/hvmail/log/ need to be read.
If you need to limit to specifc commands to accessing files in this directory, here is a sample list of commands:
ls /var/hvmail/log ls /var/hvmail/log/* ls /var/hvmail/log/*/* cat /var/hvmail/log/* cat /var/hvmail/log/*/* tail -F /var/hvmail/log/*/current tail /var/hvmail/log/*/current
Files inside of
/var/hvmail/log are automatically created and rotated, so their permissions will get reset as they are rotated. Therefor updating permissions to allow access is not recommended.
We recommend copying
/root/.pgpass to the home directory of the non-
root UNIX user that you will use to administer GreenArrow. This allows you to be automatically logged in without a password prompt when running
If you are giving GreenArrow access to troubleshoot your install using
sudo, then you must also install the following utilities, and give GreenArrow
sudo access to them: