lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hoss Man (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
Date Mon, 03 Oct 2016 22:02:21 GMT

    [ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15543560#comment-15543560
] 

Hoss Man commented on SOLR-7826:
--------------------------------

Forgive me, I thought i mentioned this before but...

bq. Well, since SOLR-9547 we warn against running solr as root, so fewer users will make that
mistake, and if they do, they need to -force both start and create commands.

Except that SOLR-9547 is really just a spin off of this issue, with the same broader problem
of UID mismatches between the user running the command and the owner of the files on disk
-- It's not really an independent reason to add {{-force}}.  The same "fix" I'm suggesting
here is also applicable to {{bin/solr start}} (ie: don't allow solr to start unless {{`whoami`}}
matches the owner of the cores directory on the filesystem) 

----

bq. ... In my eyes that is improvement over perfection. ...

And we are both entitled to our opinions -- In my eyes: 

* even if the initial bug report was specific to running as root, that is a single example
of an underlying problem that causes strange behavior/errors anytime the user running the
command isn't the same as the user owning the files on disk.
* the solution(s) you committed (both here and in SOLR-9547) only address in the special case
of running as root -- which I view as a bandaid over the underlying problem
* the solution you committed introduces a new "api" / feature ({{-force}}) which we are now
in a position of needing to support/consider moving forward.

...hence my concern that on the whole, this isn't a "net" overall improvement -- we've "fixed"
the initial bug as reported, but not the underlying problem; and the way we've fixed it has
increased the surface area of the "{{bin/solr}} command line api" in a way that I find confusing
and will find hard to explain/justify to users moving forward.

bq. It will always be possible for you or others to open new issues and work on improving
usability even more.

Agreed, but now any such improvements in the future will be hamstrung in terms of supporting
the {{-force}} option added here.

If the only change made in this jira (and SOLR-9547) was the bandaid to fail fast when run
as root -- then i would 100% agree with your view that those changes are an improvement to
the current situation, even if not a perfect solution to the underlying problem.  But I don't
personally think adding a " {{-force}} feature" like this (as a side effect of a bug fix)
is a good idea until/unless it is more carefully and consistently thought out for all commands.

Please don't think I'm trying to brow beat you into reverting this change -- You stepped up
to provide a fix when I and many others didn't, so I'm in no position to argue with you about
it.

If I find the time/inclination to put in the work needed to implement & test a more complete
solution to the underlying problem _before_ we release a version of Solr with {{-force}} in
it, then I'll re-raise the question of whether {{-force}} is actually a good idea.  Until
then, i was just hoping to persuade you to voluntarily revert it --  If I haven't convinced
you it's a bad idea, then i haven't convinced you -- and i'm ok with that.

> Permission issues when creating cores with bin/solr as root user
> ----------------------------------------------------------------
>
>                 Key: SOLR-7826
>                 URL: https://issues.apache.org/jira/browse/SOLR-7826
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Shawn Heisey
>            Assignee: Jan H√łydahl
>            Priority: Minor
>              Labels: newdev
>             Fix For: 6.3, master (7.0)
>
>         Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script install_solr_service.sh ...
so it is running as an unprivileged user.
> User is running "bin/solr create" as root.  This causes permission problems, because
the script creates the core's instanceDir with root ownership, then when Solr is instructed
to actually create the core, it cannot create the dataDir.
> Enhancement idea:  When the install script is used, leave breadcrumbs somewhere so that
the "create core" section of the main script can find it and su to the user specified during
install.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message