Non root user worked fine. After upgrade we are back to using root.

[Thomas Baun]

A couple of months ago you switched the default startup behavior to use the flashphoner user.
"Since build 5.2.801, WCS is starting as service from flashphoner user for better security" https://docs.flashphoner.com/display/WCS52EN/Starting+and+stopping
But now on build 5.2.902 we seem to be back to using the root user.
Is this due to a reverted security policy on your side or should we expect to get the flashphoner user back to be the default behaviour in the next release?

 

[Max]

Good day.
The following logic is implemented in the latest builds:
1. The command

systemctl start webcallserver

starts WCS always from flashphoner user, if the user exists in system and WCS_NON_ROOT=true in /usr/local/FlashphonerWebCallServer/bin/setenv.sh file
2. The command

./webcallserver start

starts WCS from root when executing from root.
Please clarify how do you start WCS.
Please also note that since build 5.2.892, if you're upgrading the instance from some build before 5.2.801, the service will also start from root because some customer report a various side effects if mount points are used for records or logs folders

 

[Thomas Baun]

Hi again.
WCS is started with systemctl start webcallserver
Current version is 5.5.902 - this server was upgraded from 5.2.603.
But WCS_NON_ROOT=true and the flashphoner user has been automatically created.
Is this expected behaviour and would you recommend that we keep the service running as root or is there some other actions we should take in order to get it running as non-root?

 

[Max]

Current version is 5.5.902 - this server was upgraded from 5.2.603.
...
Is this expected behaviour and would you recommend that we keep the service running as root or is there some other actions we should take in order to get it running as non-root?

Yes, this is a normal behaviour. You can keep the service running as root because the critical vulnerability which can affect root privilegies was fixed in build 5.2.780.