In order to relieve permission issues, switch FTS to user-space

[phreed]

Currently FTS installs as root into a root owned directory and FTS processes run as root.

This makes it difficult to administer the services as the base user.
It is possible to perform most administration tasks via sudo.
e.g.

• edit the main FTS configuration: sudo vi /opt/FTSConfig.yaml
• stop the FTS service: sudo systemctl stop fts.service
• edit the FTS UI configuration: sudo vi /root/fts.venv/lib/python3.11/site-packages/FreeTAKServer-UI/config.py
• become root: sudo su -

This works but it requires working as root which is generally discouraged.
To reduce the need to use sudo the following changes will be made:

• create an fts user and fts group
• install fts files with fts:fts ownership into /opt (see Install FTS into /opt instead of /root #112)
• run (via systemd) processes with fts permissions
• cause the installer to not need to be run with sudo
• add the base user (probably ubuntu) to the fts group so it can perform FTS maintenance tasks

[phreed]

It is not completely possible to eliminate the need to run the installer with sudo.

• create the fts user and group
• creating directories in /opt
• creating systemd services : does not strictly need to be done as root https://www.baeldung.com/linux/systemd-create-user-services

That said, reducing the need to run any step as root is a good thing.

[brothercorvo]

we can run the installer with SUDO but then run FTS with the new created user

[phreed]

I had the opportunity to study up on systemd. Rather than running the installer as root the application can use 'systemctl --user ...' as the 'fts' user, rather than 'sudo systemctl ...'.

[brothercorvo]

Have you tested that?

[phreed]

I have tested the approach on another similar system.