Creating a Dedicated User Account on the Operating System to Run Confluence

Still need help?

The Atlassian Community is here for you.

Ask the community

A dedicated user should be created to run Confluence, because Confluence runs as the user it is invoked under and therefore can potentially be abused.

This is optional if you're evaluating Confluence, but is required for production installations. If you used the Confluence installer on Linux, this user will be created automatically.

Create a dedicated user account

Linux

If your operating system is *nix-based (for example, Linux or Solaris), type the following in a console:

$ sudo /usr/sbin/useradd --create-home --comment "Account for running Confluence" --shell /bin/bash confluence

Windows

If your operating system is Windows create the dedicated user account by typing the following at the Windows command line:

> net user confluence mypassword /add /comment:"Account for running Confluence"

(This creates a user account with user name 'confluence' and password 'mypassword'. You should choose your own password.)

Alternatively, open the Windows 'Computer Management' console to add your 'confluence' user with its own password.

Next, Use the Windows 'Computer Management' console to remove the 'confluence' user's membership of all unnecessary Windows groups, such as the default 'Users' group.

If Windows is operating under Microsoft Active Directory, ask your Active Directory administrator to create your 'confluence' account (with no prior privileges).

Allow the account to write to specific Confluence directories 

Ensure that the following directories can be read and written to by this dedicated user account (e.g. 'confluence'):

Linux

To achieve this in Linux run the following commands:

sudo chown -R confluence <confluence-home-folder>/
sudo chown -R confluence <confluence-install-folder>/logs
sudo chown -R confluence <confluence-install-folder>/work
sudo chown -R confluence <confluence-install-folder>/temp

The other install directories should be left as root as those are controlled by the installer and allow for future upgrades:

sudo chmod -R u=rwx,g=rx,o=rx <confluence-install-folder>
sudo chmod -R u=rwx,g=rx,o=rx <confluence-home-folder>

See also Best Practices for Configuring Confluence Security.

Last modified on Sep 3, 2020

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.