Currently deployed services at /srv/deployment/[service] are owned by root.
Likewise, service config files at /etc/[service]/config.yaml are owned by root.
With Scap3 all files are owned by the user specified by the configuration parameter git_repo_user in the scap/scap.cfg file. It would require a lot of sudoers-wrangling to allow that user to be root.
We should figure out:
- Should root own the deployed service files under /srv/deployment?
- Should root own the rendered config files at /etc/[service]/config.yaml?
- If root doesn't need to own these files, who should?
- How can we ease the transition to Scap3 in terms of file ownership?