Default users RHEL

An overview of the default user profiles that created during a clean platform installation.

The installation procedure creates several default user profiles at platform level, as well as at host system level, to access and manage third-party components and processes.
These users receive a standard set of user rights and permissions to allow them to carry out their tasks.

They interact only with the component(s) they manage and control.
These users and groups are organized in separate compartments, where each user is responsible for one or more specific, and closely related, tasks.


User

Group

Sudo

Component

Description

Home dir

root

root


# Root-access login shell
sudo -i

Celery workers and task runners, graph ingestion, intel ingestion, search ingestion.

Platform user responsible for operational tasks like accessing Celery tasks, writing data to the graph ingestion storage location, and accessing the TAXII service.

root:eclecticiq owns the following platform configuration files:

  • opentaxii.yml

  • platform_settings.py

  • proxy_url

/root

eclecticiq

eclecticiq


sudo -u eclecticiq

  • Platform configuration files.

  • eiq-platform platform command line utility.

The eclecticiq user:

  • Cannot log in from the terminal.

  • Does not have a shell.

  • Prepend it as sudo user to commands that must run under the eclecticiq user.

/home/eclecticiq

elasticsearch

elasticsearch


su -s /bin/bash elasticsearch

Elasticsearch search and indexing database.

Search and indexing database user.

/var/lib/elasticsearch

logstash

logstash


sudo -i -u logstash

Logstash log aggregator.

Log aggregator user.

/usr/share/logstash

neo4j

neo4j


sudo -i -u neo4j

Neo4j graph database.

Graph database user.

/var/lib/neo4j

neo4jbatcher

neo4jbatcher


su -s /bin/bash neo4jbatcher

Ingestion preprocessing module for Neo4j.

eclecticiq-neo4jbatcher user.

/home/neo4jbatcher

nginx

nginx


sudo -i -u nginx

Nginx web server.

Web server user and group.

/var/cache/nginx

postgres

postgres


sudo -i -u postgres

PostgreSQL database.

Database user, can access the default platform database.

To start a PostgreSQL shell as a super user with root-level access:

sudo -u postgres psql

/var/lib/pgsql

redis

redis


sudo -i -u redis

Redis server, message broker and queue manager.

Redis database and message broker user.

/var/lib/redis

kibana

kibana


sudo -i -u kibana

Kibana

Kibana, a data visualization component for Elasticsearch.

/home/kibana

See also