Packaging: Set elasticsearch user to have non-existent homedir (#29007)

This commit adds setting the homedir for the elasticsearch user to the adduser command in the packaging preinstall script. While the elasticsearch user is a system user, it is sometimes conventient to have an existing homedir (even if it is not writeable). For example, running cron as the elasticsearch user will try to change dir to the homedir. closes #14453
elastic · May 8, 2018 · 3aead66 · 3aead66
1 parent 2b41755
commit 3aead66
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/distribution/packages/src/common/scripts/preinst b/distribution/packages/src/common/scripts/preinst
@@ -27,6 +27,7 @@ case "$1" in
             adduser --quiet \
                     --system \
                     --no-create-home \
+                    --home /nonexistent \
                     --ingroup elasticsearch \
                     --disabled-password \
                     --shell /bin/false \
@@ -50,8 +51,9 @@ case "$1" in
         # Create elasticsearch user if not existing
         if ! id elasticsearch > /dev/null 2>&1 ; then
             echo -n "Creating elasticsearch user..."
-            useradd -r \
-                    -M \
+            useradd --system \
+                    --no-create-home \
+                    --home-dir /nonexistent \
                     --gid elasticsearch \
                     --shell /sbin/nologin \
                     --comment "elasticsearch user" \

diff --git a/qa/vagrant/src/test/resources/packaging/utils/packages.bash b/qa/vagrant/src/test/resources/packaging/utils/packages.bash
@@ -88,6 +88,8 @@ verify_package_installation() {
     id elasticsearch
 
     getent group elasticsearch
+    # homedir is set in /etc/passwd but to a non existent directory
+    assert_file_not_exist $(getent passwd elasticsearch | cut -d: -f6)
 
     assert_file "$ESHOME" d root root 755
     assert_file "$ESHOME/bin" d root root 755