Setup Neo4j Service to run with different service ID
By default when neo4j is installed as an RPM via yum or apt-get, it creates a user neo4j
and group neo4j
and runs as neo4j
user.
However it might be required to run Neo4j service as another service id other than neo4j
.
So in this article we will take a look at how to go about configuring Service id to run Neo4j service.
For simplicity lets assume the activity is performed on Redhat Release 7.x
Follow instructions as specified in the Neo4j Operations Manual Documentation to install Neo4j Enterprise. https://neo4j.com/docs/operations-manual/current/installation/linux/rpm/
Once the Neo4j service is installed, a new user and group are created called neo4j
.
When the Neo4j service is started using sudo systemctl start neo4j
, the service is started by user neo4j
.
To setup and start the Neo4j service as a different user we must follow the below outlined steps.
We will use the user testuser
and group testuser
to setup neo4j service.
First step is to edit the neo4j.service
and change the user and group as testuser
so the service can start as that user and group.
sudo vi /usr/lib/systemd/system/neo4j.service
Edit as show below by changing the User
and Group
.
[Unit]
Description=Neo4j Graph Database
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/home/rohan_kharwar/neo4j-enterprise-3.5.5/bin/neo4j console
Restart=on-failure
User=testuser
Group=testuser
Environment="NEO4J_CONF=/home/rohan_kharwar/neo4j-enterprise-3.5.5/conf" "NEO4J_HOME=/home/rohan_kharwar/neo4j-enterprise-3.5.5"
LimitNOFILE=60000
TimeoutSec=120
[Install]
WantedBy=multi-user.target
Second step is to change the ownership of the below files to testuser:testuser
.
For RPM install:
/etc/neo4j /etc/neo4j/jmx.access /etc/neo4j/jmx.password /etc/neo4j/neo4j.conf /var/lib/neo4j /var/lib/neo4j/data /var/lib/neo4j/data/databases /var/lib/neo4j/import /var/lib/neo4j/plugins /var/log/neo4j /var/run/neo4j
Steps documented as :
$ sudo chown testuser:testuser -R /etc/neo4j
$ sudo chown testuser:testuser -R /var/lib/neo4j
$ sudo chown testuser:testuser -R /var/log/neo4j
$ sudo chown testuser:testuser -R /var/run/neo4j
Once the above steps are completed, the file ownership should be changed to testuser
.
Then start the neo4j service as:
$ sudo systemctl start neo4j
and this should start as the service user that was setup.
To verify if the neo4j service is started as user testuser
execute ps -ef | grep -i neo4j
and the output should show testuser
as given below
testuser 3296 1 26 18:00 ? 00:00:19 /usr/bin/java -cp /var/lib/neo4j/plugins:/etc/neo4j:/usr/share/neo4j/lib/*:/var/lib/neo4j/plugins/* -server -XX:+UseG1GC -XX:-OmitStackTraceInFastThrow -XX:+AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+TrustFinalNonStaticFields -XX:+DisableExplicitGC -Djdk.tls.ephemeralDHKeySize=2048 -Djdk.tls.rejectClientInitiatedRenegotiation=true -Dunsupported.dbms.udc.source=rpm -Dfile.encoding=UTF-8 com.neo4j.server.enterprise.CommercialEntryPoint --home-dir=/var/lib/neo4j --config-dir=/etc/neo4j
Was this page helpful?