[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235549#comment-15235549
]
Binoy Dalal edited comment on SOLR-7826 at 4/11/16 5:49 PM:
------------------------------------------------------------
I'm having a bit of an issue with the current implementation so I'll just
outline my approach, and state the problem:
1) Detect the user while solr is first started.
2) Pass the user detected in (1) to SolrCLI and the option if any.
3) Perform the user and option check if user=root.
4) Return appropriate message.
I'm facing a problem in step 1 and 2. I am not sure of how to store the
detected user so that the next time the script is run, it can find that user.
I've tried exporting the variable but that doesn't seem to work without adding
the variable to permanent list of environment variables, which I don't think is
something that should be done.
Another option that I've thought of is to write the user id to a file like the
solr port is written and use that in subsequent script calls for user checking,
and delete it once solr is stopped. I think this would be a good approach.
Please advise.
-- EDIT --
I've tested out the file creation approach and it works fine.
To recap the requirements, to see if I missed something:
1) If solr is started as root, and user tries to create a core as root then
display warning with the option to user.
2) If solr is started as root, and user tries to create a core as root with
option, allow creation of core.
3) If solr is started as an unprivileged user and creation of a core is
attempted with root, an exception is thrown with the default behaviour (no
changes to be made here).
Let me know if I've missed something.
Thanks.
was (Author: binoydala...@gmail.com):
I'm having a bit of an issue with the current implementation so I'll just
outline my approach, and state the problem:
1) Detect the user while solr is first started.
2) Pass the user detected in (1) to SolrCLI and the option if any.
3) Perform the user and option check if user=root.
4) Return appropriate message.
I'm facing a problem in step 1 and 2. I am not sure of how to store the
detected user so that the next time the script is run, it can find that user.
I've tried exporting the variable but that doesn't seem to work without adding
the variable to permanent list of environment variables, which I don't think is
something that should be done.
Another option that I've thought of is to write the user id to a file like the
solr port is written and use that in subsequent script calls for user checking,
and delete it once solr is stopped. I think this would be a good approach.
Please advise.
--EDIT--
I've tested out the file creation approach and it works fine.
To recap the requirements, to see if I missed something:
1) If solr is started as root, and user tries to create a core as root then
display warning with the option to user.
2) If solr is started as root, and user tries to create a core as root with
option, allow creation of core.
3) If solr is started as an unprivileged user and creation of a core is
attempted with root, an exception is thrown with the default behaviour (no
changes to be made here).
Let me know if I've missed something.
Thanks.
> Permission issues when creating cores with bin/solr
> ---------------------------------------------------
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
> Reporter: Shawn Heisey
> Priority: Minor
> Labels: newdev
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
