GitaLab CE 12.1 is installed on the RHEL server from rpm.
OS users of git, gitlab-psql and gitalab-prometeus are automatically created when rpm is installed.
Our internal security department has asked if it is possible to change these OS user passwords on a regular basis.
Does changing the OS command passwd command periodically have no effect?
If you know, could you tell me?
We look forward to your response.
Greetings!
It can have a bit of an impact depending on your setup, but the gitlab.rb file does tend to have settings you can use for setting passwords and the like.
If you are simply changing the user passwords (like those stored via /etc/shadow and the like), you shouldn’t see an impact. By default, the shadow file would show a ! for the password field, meaning the user account is “locked” and the user doesn’t have an initial password set for it. This is normally fine, as you don’t traditionally access the server via those users anyhow.
If you are referring to the password and the like the services as using, you would want to ensure you update the database settings for the psql bit.
Hope this helps!