In releases prior to ClustrixDB 9, the database could only be run with as the root system user. With ClustrixDB 9, it can now be run as a non-root user on CentOS 7. Installing ClustrixDB requires root or sudo access, but as part of installation you can specify which user(s) should be used to run and manage the database.
Overview of Users
The following Linux OS user accounts used to install and operate ClustrixDB:
Linux OS User
How it is used
Runs the initial installation of the ClustrixDB software. The installation can be run indirectly through sudo privileges granted to another Linux user. Subsequent upgrades of ClustrixDB do not need root-level permissions.
The ClustrixDB processes run as the clxd Linux user. This is a daemon account, and therefore administrators should not log into Linux using this account. The one exception is when performing ClustrixDB upgrades, the upgrade is executed as the clxd Linux user.
This Linux user is intended to be used by administrators to work with the ClustrixDB software. This user is typically configured to have its environment set for convenient use of the ClustrixDB command-line tools. The ClustrixDBI uses clustrix instead of clxm.
There is no performance difference with running ClustrixDB as a non-root user. The ClustrixDB installer will create both the clxd and clxm users if they do not already exist.
To reduce confusion within your team and when working with Clustrix Support, we recommend leaving the ClustrixDB Daemon user at the default (clxd). This default user name helps identify this Linux user as a daemon-only account that should not be used by administrators during normal operation
You may wish to use a different Linux user for the ClustrixDB Management user. This can be specified as part of installation.
For example, if you normally log into Linux using a user named sysops, and you would like to manage ClustrixDB while logged in as this sysops user, then during the ClustrixDB installation, select sysops as the Management user instead of clxm.
OS users cannot be modified once installation is complete.
Configure clxd and clxm Linux users
When using the recommended options, the ClustrixDB installer will automatically create the daemon ( clxd) and management ( clxm) users and grant the associated privileges. If you prefer to specify existing users, please note the following:
ClustrixDB Daemon (clxd):
This Linux user should not be granted sudo privileges. Doing so would effectively allow the ClustrixDB installation to run with root privileges.
To facilitate cluster-wide upgrades of the ClustrixDB software, the clxd Linux user should have passwordless SSH access configured between ClustrixDB nodes. See Configure SSH Authentication for instructions on how to set this up.
ClustrixDB Management (default: clxm):
This Linux user does not require sudo privileges.
To facilitate easy use of the ClustrixDB command-line management tools, passwordless SSH access between ClustrixDB nodes should be configured for this user.
Non-root vs Root installation and upgrade:
performed as root
performed as root
Access the UI
As the database user (clxd)
Root upgrade is not supported
|OS||CentOS 7 (recommended)||CentOS 6 or CentOS 7|
There is no performance difference with running ClustrixDB as a non-root user.
Differences between non-root and root:
Host-based authentication is not supported (see Configure SSH Authentication for more information on connectivity between nodes in ClustrixDB 9 non-root)
If the database is in read only mode, taking a mysqldump requires using the --lock-tables=false option
Prepare a system for running as non-root
In addition to the normal steps to prepare a system for running ClustrixDB, If you previously installed ClustrixDB using a root-based install, perform the following steps (as root) to prepare a node for a non-root install:
shell> rm /dev/shm/*
Clustrix now supports RHEL/CentOS 7. If you are migrating from an existing installation to a non-root installation, Clustrix recommends also migrating to RHEL/CentOS 7 at the same time.