Why is the "service" user locked in to the plan?



Why does the plan dictate the user a service runs as? Why isn’t this modifiable at run time?

I can totally see a case for needing a “default” user, since everything has to be run as a user. But being unable to configure that user at run time, or worse being at the mercy of upstream, has the potential to cause lots of problems.

For instance: https://github.com/habitat-sh/core-plans/issues/1705

Back in May it seems the plan was updated to use the hab user instead of the root user. For some reason, auto update wasn’t triggered until the release of the consul 1.2.1 package, which brought with it the change in user, bringing down my entire cluster.

If I were able to say “use this user” at runtime or “don’t honor the plan user” this would alleviate this issue.

Also a few other use cases:

  • Maybe I have a standard organization wide user for a service, everything seems to default to hab, but if I wanted to run “consul” and “vault” as something other than “hab” I end up writing my own plan, just to change the user. This seems like an anti-pattern to me.

Ok, well, that’s really the only other use case that comes to mind…




I think it’s like that because that’s what it’s always been like :slight_smile:

I can’t think of any fundamental reason that we couldn’t allow for runtime specification of that, though. Would you mind filing an issue for this feature?


I’m very interested in this too and submitted the issue: https://github.com/habitat-sh/habitat/issues/5351