Hello,
in the systemd startup unit file described on Automatic Plone (re)starts — Plone Documentation v5.2 , there is no User= or Group= definitions ;
without these lines, plone will be running with the user root
(( in previous versions, there was the plone_buildout and plone_daemon users which were defined and forced when buildout or running plone, but these enforcements have vanished in the more recent versions ))
I just rechecked a small server where I have used the systemd as suggested in the instructions. By having the plone instance housed in the home of a particular user it is run under that user, not root. On my simple test server I have two different users running different instances of Plone. A call to ps aux | grep plone. Will return the plone jobs and the user they are running under.
Jonathan
You can use the effective-user directive provided by p.r.zope2instance and others in your buildout config so that Plone will run as that user. Ex:
[instance1]
recipe = plone.recipe.zope2instance
...
effective-user = plone
[zeoserver]
recipe = plone.recipe.zeoserver
...
effective-user = plone
thank you, i did add the effective-user line but buildout echoed it as deprecated feature ; but maybe i did put it in the wrong buildout section