|
|
|
|
|
|
by hlandau
3844 days ago
|
|
|
Some people don't want to run a client as root because they don't want to increase their attack surface or don't trust the software to that extent. The purpose of the non-root manual is to allow people to take understandable steps as root to enable the client to operate not as root. It should be possible to use the client without having root access, by passing --state (and perhaps --hooks) to use a state directory you control. |
|
|
My motivation for not requiring root is shared hosting: I have a regular user witch access to an Apache webroot directory. They didn't fully automate Let's Encrypt, but they provide a script which installs certificates for the central webserver. So I have to download and run any ACME client myself to get my certificates.