Question & Answer
QRadar Versions 7.3.2 or later use the following user accounts for services to improve security and access control:
These specific accounts are used by the vault and traefik services, and by the docker registry that is used for app runtime. They control access, improve security and belong to specific groups that enable them to access data required for those services.
These accounts cannot be disabled, deleted, or renamed.
These accounts do not have a default password, and are strictly used to control access on the host. They cannot be logged in to locally or remotely.
Changing the shell from nologin is not supported.
Was this topic helpful?
20 June 2019