Bug#682172: unblock: couchdb/1.2.0-2
On Tue, Nov 20, 2012 at 21:17:21 +, Laszlo Boszormenyi (GCS) wrote:
On Mon, 2012-11-19 at 11:07 +0100, Julien Cristau wrote:
On Mon, Nov 19, 2012 at 01:18:34 +, Laszlo Boszormenyi (GCS) wrote:
Agree. That's an other thing upstream should fix. However I don't think
that would happen soon, at least not for Wheezy. I'll ask about it.
Until then this sleep may fixes the majority (maybe all) of the
problems.
Why can't this be fixed in your init script if upstream won't fix it in
time?
Touché! First I thought it's not possible. 'couchdb -d' sends a signal
to the running process that it should stop. It returns immediately and
doesn't wait until it completely ends. Then found 'couchdb -s' which
display the status of the daemon. While it's not my initscript, I've
changed that to wait until the status is running.
Changes between the current Wheezy version and the planned 1.2.0-3
upload is attached.
Thanks, I think that should be acceptable.
In short, it fixes four RC bugs:
- now properly create a couchdb owned rundir,
That looks better, I think.
- wait for complete stop of the daemon, and this allows to:
- purge the package properly,
- restart the service without failing,
Doesn't seem crazy.
- logrotate will properly own the rotated files.
OK, I guess. Though why is the dir owned by couchdb in the first place
instead of root?
+--- couchdb-1.2.0.orig/etc/init/couchdb.tpl.in
couchdb-1.2.0/etc/init/couchdb.tpl.in
+@@ -102,6 +102,8 @@ stop_couchdb () {
+ # Stop the running Apache CouchDB process.
+
+ run_command $COUCHDB -d /dev/null
++while [ $(couchdb -s 2/dev/null | grep -c process) -eq 1 ]; \
++do echo -n .; sleep 1; done;
+ }
+
+ display_status () {
Slightly weird to use $COUCHDB everywhere except in this one place where
you write couchdb.
Cheers,
Julien
signature.asc
Description: Digital signature
Bug#682172: unblock: couchdb/1.2.0-2
On Wed, 2012-11-21 at 19:36 +0100, Julien Cristau wrote:
On Tue, Nov 20, 2012 at 21:17:21 +, Laszlo Boszormenyi (GCS) wrote:
Thanks, I think that should be acceptable.
OK, -3 will be uploaded if you nod on the s/couchdb/$COUCHDB/ change.
See below.
- logrotate will properly own the rotated files.
OK, I guess. Though why is the dir owned by couchdb in the first place
instead of root?
It's common for daemons to own their logdir and logfiles, even weird
owners do exist. See Apache2, its logdir is root:adm /var/log/apache2/ ,
for Exim it's Debian-exim:adm /var/log/exim4/ . But for the former, see
MongoDB: mongodb:mongodb /var/log/mongodb/ ,
MySQL: mysql:adm /var/log/mysql/ , Redis: redis:redis /var/log/redis/ .
CouchDB uses the same, its logdir is couchdb:couchdb /var/log/couchdb/ ,
can't give you a special reason for that.
+--- couchdb-1.2.0.orig/etc/init/couchdb.tpl.in
couchdb-1.2.0/etc/init/couchdb.tpl.in
+@@ -102,6 +102,8 @@ stop_couchdb () {
+ # Stop the running Apache CouchDB process.
+
+ run_command $COUCHDB -d /dev/null
++while [ $(couchdb -s 2/dev/null | grep -c process) -eq 1 ]; \
++do echo -n .; sleep 1; done;
+ }
+
+ display_status () {
Slightly weird to use $COUCHDB everywhere except in this one place where
you write couchdb.
Tested on the CLI, then copied late in the evening. Will be:
++while [ $($COUCHDB -s 2/dev/null | grep -c process) -eq 1 ]; \
++do echo -n .; sleep 1; done;
Is it okay to upload -3 with the discussed changes?
Cheers,
Laszlo/GCS
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1353530389.15123.335.camel@julia
Bug#682172: unblock: couchdb/1.2.0-2
On 21.11.2012 21:39, Laszlo Boszormenyi (GCS) wrote: Tested on the CLI, then copied late in the evening. Will be: ++while [ $($COUCHDB -s 2/dev/null | grep -c process) -eq 1 ]; \ ++do echo -n .; sleep 1; done; Is it okay to upload -3 with the discussed changes? Thanks, that looks a bit better. My only concern now would be, that you can end up in a endless loop if the couchdb instance doesn't want to die. Can such a situation happen or will couchdb -d forcefully kill the processes automatically? Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#682172: unblock: couchdb/1.2.0-2
On Wed, 2012-11-21 at 21:44 +0100, Michael Biebl wrote: On 21.11.2012 21:39, Laszlo Boszormenyi (GCS) wrote: Tested on the CLI, then copied late in the evening. Will be: ++while [ $($COUCHDB -s 2/dev/null | grep -c process) -eq 1 ]; \ ++do echo -n .; sleep 1; done; Is it okay to upload -3 with the discussed changes? Thanks, that looks a bit better. My only concern now would be, that you can end up in a endless loop if the couchdb instance doesn't want to die. Can such a situation happen or will couchdb -d forcefully kill the processes automatically? I don't think it'll be forcefully killed, but not sure. I'm not good in Erlang. But I propose the following then just to be sure: RET=1; for i in $(seq 1 30); do status=`$COUCHDB -s 2/dev/null | grep -c process`; if [ $status -eq 0 ]; then RET=0; break; fi; echo -n .; sleep 1s; done; return $RET Should the time be increased or maybe decreased? Half a minute sounds acceptable for me, but you may think otherwise. Cheers, Laszlo/GCS -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1353533165.15123.340.camel@julia
Bug#682172: unblock: couchdb/1.2.0-2
On Mon, 2012-11-19 at 11:07 +0100, Julien Cristau wrote:
On Mon, Nov 19, 2012 at 01:18:34 +, Laszlo Boszormenyi (GCS) wrote:
Agree. That's an other thing upstream should fix. However I don't think
that would happen soon, at least not for Wheezy. I'll ask about it.
Until then this sleep may fixes the majority (maybe all) of the
problems.
Why can't this be fixed in your init script if upstream won't fix it in
time?
Touché! First I thought it's not possible. 'couchdb -d' sends a signal
to the running process that it should stop. It returns immediately and
doesn't wait until it completely ends. Then found 'couchdb -s' which
display the status of the daemon. While it's not my initscript, I've
changed that to wait until the status is running.
Changes between the current Wheezy version and the planned 1.2.0-3
upload is attached.
In short, it fixes four RC bugs:
- now properly create a couchdb owned rundir,
- wait for complete stop of the daemon, and this allows to:
- purge the package properly,
- restart the service without failing,
- logrotate will properly own the rotated files.
Hope it's now ready to go and will have the promise to be unblocked when
its time comes.
Regards,
Laszlo/GCS
diff -Nur couchdb-1.2.0-1/debian/changelog couchdb-1.2.0-3/debian/changelog
--- couchdb-1.2.0-1/debian/changelog 2012-06-29 20:31:16.0 +0200
+++ couchdb-1.2.0-3/debian/changelog 2012-11-20 21:36:00.0 +0100
@@ -1,3 +1,17 @@
+couchdb (1.2.0-3) unstable; urgency=low
+
+ * Rework couchdb own run directory (updates: #681549).
+ * Wait until complete stop of service (closes: #692295).
+ * Use couchdb user for logrotate (closes: #652172).
+
+ -- Laszlo Boszormenyi (GCS) g...@debian.hu Sun, 18 Nov 2012 12:24:24 +0100
+
+couchdb (1.2.0-2) unstable; urgency=low
+
+ * Make couchdb user own its run directory (closes: #681549).
+
+ -- Laszlo Boszormenyi (GCS) g...@debian.hu Thu, 19 Jul 2012 20:13:25 +0200
+
couchdb (1.2.0-1) unstable; urgency=low
* New major upstream release (closes: #672141).
diff -Nur couchdb-1.2.0-1/debian/patches/couchdb_own_rundir.patch couchdb-1.2.0-3/debian/patches/couchdb_own_rundir.patch
--- couchdb-1.2.0-1/debian/patches/couchdb_own_rundir.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/couchdb_own_rundir.patch 2012-11-18 21:32:47.0 +0100
@@ -0,0 +1,20 @@
+Description: Initscript creates RUN_DIR , make sure it's owned by couchdb
+ Use install to make COUCHDB_USER own the RUN_DIR being created.
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/681549
+Last-Update: 2012-11-18
+
+---
+
+--- couchdb-1.2.0.orig/etc/init/couchdb.tpl.in
couchdb-1.2.0/etc/init/couchdb.tpl.in
+@@ -83,7 +83,8 @@ run_command () {
+ start_couchdb () {
+ # Start Apache CouchDB as a background process.
+
+-mkdir -p $RUN_DIR
++test -e $RUN_DIR || \
++install -m 755 -o $COUCHDB_USER -g $COUCHDB_USER -d $RUN_DIR
+ command=$COUCHDB -b
+ if test -n $COUCHDB_STDOUT_FILE; then
+ command=$command -o $COUCHDB_STDOUT_FILE
diff -Nur couchdb-1.2.0-1/debian/patches/logrotate_as_couchdb.patch couchdb-1.2.0-3/debian/patches/logrotate_as_couchdb.patch
--- couchdb-1.2.0-1/debian/patches/logrotate_as_couchdb.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/logrotate_as_couchdb.patch 2012-11-18 21:31:42.0 +0100
@@ -0,0 +1,16 @@
+Description: Use logrotate as couchdb user
+ Use su and create to make logfiles owned by couchdb
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/652172
+Last-Update: 2012-11-18
+---
+
+--- couchdb-1.2.0.orig/etc/logrotate.d/couchdb.tpl.in
couchdb-1.2.0/etc/logrotate.d/couchdb.tpl.in
+@@ -6,4 +6,6 @@
+compress
+notifempty
+missingok
++ su couchdb couchdb
++ create 0640 couchdb couchdb
+ }
diff -Nur couchdb-1.2.0-1/debian/patches/series couchdb-1.2.0-3/debian/patches/series
--- couchdb-1.2.0-1/debian/patches/series 2011-11-27 09:19:17.0 +0100
+++ couchdb-1.2.0-3/debian/patches/series 2012-11-20 21:35:33.0 +0100
@@ -1 +1,4 @@
force-reload.patch
+couchdb_own_rundir.patch
+logrotate_as_couchdb.patch
+wait_for_couchdb_stop.patch
diff -Nur couchdb-1.2.0-1/debian/patches/wait_for_couchdb_stop.patch couchdb-1.2.0-3/debian/patches/wait_for_couchdb_stop.patch
--- couchdb-1.2.0-1/debian/patches/wait_for_couchdb_stop.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/wait_for_couchdb_stop.patch 2012-11-20 21:52:18.0 +0100
@@ -0,0 +1,20 @@
+Description: Wait for complete stop of CouchDB
+ Check if CouchDB is already stopped and wait for a second if not before
+ checking again.
+ .
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/692295
+Last-Update: 2012-11-20
+---
+
+--- couchdb-1.2.0.orig/etc/init/couchdb.tpl.in
couchdb-1.2.0/etc/init/couchdb.tpl.in
+@@ -102,6 +102,8 @@ stop_couchdb
Bug#682172: unblock: couchdb/1.2.0-2
On Mon, Nov 19, 2012 at 01:18:34 +, Laszlo Boszormenyi (GCS) wrote: Agree. That's an other thing upstream should fix. However I don't think that would happen soon, at least not for Wheezy. I'll ask about it. Until then this sleep may fixes the majority (maybe all) of the problems. Why can't this be fixed in your init script if upstream won't fix it in time? Cheers, Julien signature.asc Description: Digital signature
Bug#682172: unblock: couchdb/1.2.0-2
On Mon, 2012-11-12 at 21:28 +, Adam D. Barratt wrote:
On Fri, 2012-10-12 at 05:22 +, Laszlo Boszormenyi (GCS) wrote:
On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote:
[ about CouchDB storing its PID file as root ]
Ping. Is this getting fixed?
Upstream knows about this issue, promised a fix which won't be easy as
I can remember. Now they are busy with releasing 1.3.0 and a bugfix
branch of 1.2.0 . Don't know exactly if it's included, but will ping
them.
Any news on that?
Nope. :( Upstream is still busy on how 1.3.0 should be released. I
don't get any answer as of yet.
Asking about upload permission of -3 targeting Wheezy with the attached
changes.
Fixes four RC bugs. The first one is that couchdb needs some time to
stop. Added three seconds wait time to stop in initscript and to postrm
(the latter comes from Ubuntu). Otherwise couchdb can't be restarted and
can't be purged.
The rundir is now created with the help of 'install', only if it doesn't
existed before.
Last, but not least the logrotate configuration is fixed. Now creates
and rotates logfiles as couchdb.
Regards,
Laszlo/GCS
diff -Nur couchdb-1.2.0-1/debian/changelog couchdb-1.2.0-3/debian/changelog
--- couchdb-1.2.0-1/debian/changelog 2012-06-29 20:31:16.0 +0200
+++ couchdb-1.2.0-3/debian/changelog 2012-11-18 21:11:08.0 +0100
@@ -1,3 +1,22 @@
+couchdb (1.2.0-3) unstable; urgency=low
+
+ * Rework couchdb own run directory (updates: #652172).
+ * Wait a bit for complete stop of service (closes: #692295).
+ * Use couchdb user for logrotate (closes: #652172).
+
+ [ Jason Gerard DeRose ]
+ * Added a short sleep delay in couchdb.postrm so couchdb is more likely to
+have actually terminated by the time we `deluser couchdb`, which is needed
+for `sudo apt-get purge couchdb` to work when couchdb is running
+
+ -- Laszlo Boszormenyi (GCS) g...@debian.hu Sun, 18 Nov 2012 12:24:24 +0100
+
+couchdb (1.2.0-2) unstable; urgency=low
+
+ * Make couchdb user own its run directory (closes: #681549).
+
+ -- Laszlo Boszormenyi (GCS) g...@debian.hu Thu, 19 Jul 2012 20:13:25 +0200
+
couchdb (1.2.0-1) unstable; urgency=low
* New major upstream release (closes: #672141).
diff -Nur couchdb-1.2.0-1/debian/patches/couchdb_own_rundir.patch couchdb-1.2.0-3/debian/patches/couchdb_own_rundir.patch
--- couchdb-1.2.0-1/debian/patches/couchdb_own_rundir.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/couchdb_own_rundir.patch 2012-11-18 21:32:47.696128156 +0100
@@ -0,0 +1,20 @@
+Description: Initscript creates RUN_DIR , make sure it's owned by couchdb
+ Use install to make COUCHDB_USER own the RUN_DIR being created.
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/681549
+Last-Update: 2012-11-18
+
+---
+
+--- couchdb-1.2.0.orig/etc/init/couchdb.tpl.in
couchdb-1.2.0/etc/init/couchdb.tpl.in
+@@ -83,7 +83,8 @@ run_command () {
+ start_couchdb () {
+ # Start Apache CouchDB as a background process.
+
+-mkdir -p $RUN_DIR
++test -e $RUN_DIR || \
++install -m 755 -o $COUCHDB_USER -g $COUCHDB_USER -d $RUN_DIR
+ command=$COUCHDB -b
+ if test -n $COUCHDB_STDOUT_FILE; then
+ command=$command -o $COUCHDB_STDOUT_FILE
diff -Nur couchdb-1.2.0-1/debian/patches/logrotate_as_couchdb.patch couchdb-1.2.0-3/debian/patches/logrotate_as_couchdb.patch
--- couchdb-1.2.0-1/debian/patches/logrotate_as_couchdb.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/logrotate_as_couchdb.patch 2012-11-18 21:31:42.084124771 +0100
@@ -0,0 +1,16 @@
+Description: Use logrotate as couchdb user
+ Use su and create to make logfiles owned by couchdb
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/652172
+Last-Update: 2012-11-18
+---
+
+--- couchdb-1.2.0.orig/etc/logrotate.d/couchdb.tpl.in
couchdb-1.2.0/etc/logrotate.d/couchdb.tpl.in
+@@ -6,4 +6,6 @@
+compress
+notifempty
+missingok
++ su couchdb couchdb
++ create 0640 couchdb couchdb
+ }
diff -Nur couchdb-1.2.0-1/debian/patches/series couchdb-1.2.0-3/debian/patches/series
--- couchdb-1.2.0-1/debian/patches/series 2011-11-27 09:19:17.0 +0100
+++ couchdb-1.2.0-3/debian/patches/series 2012-11-18 21:16:56.0 +0100
@@ -1 +1,4 @@
force-reload.patch
+couchdb_own_rundir.patch
+logrotate_as_couchdb.patch
+wait_for_couchdb_stop.patch
diff -Nur couchdb-1.2.0-1/debian/patches/wait_for_couchdb_stop.patch couchdb-1.2.0-3/debian/patches/wait_for_couchdb_stop.patch
--- couchdb-1.2.0-1/debian/patches/wait_for_couchdb_stop.patch 1970-01-01 01:00:00.0 +0100
+++ couchdb-1.2.0-3/debian/patches/wait_for_couchdb_stop.patch 2012-11-18 21:20:05.0 +0100
@@ -0,0 +1,17 @@
+Description: Wait three seconds to let couchdb really stop
+ As couchdb needs some time to stop, wait a bit for that.
+Author: Laszlo Boszormenyi (GCS) g...@debian.hu
+Bug-Debian: http://bugs.debian.org/692295
Bug#682172: unblock: couchdb/1.2.0-2
On 18.11.2012 21:42, Laszlo Boszormenyi (GCS) wrote: Fixes four RC bugs. The first one is that couchdb needs some time to stop. Added three seconds wait time to stop in initscript and to postrm (the latter comes from Ubuntu). Otherwise couchdb can't be restarted and can't be purged. Such sleeps are really icky. Who says 3 seconds are enough? That entirely depends on your hardware and in what situation your system is in (load, etc). If couchdb -d, which is used on stop, does not block until the server has been safely shutdown, then this needs to be fixed, properly. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#682172: unblock: couchdb/1.2.0-2
On Mon, 2012-11-19 at 01:56 +0100, Michael Biebl wrote: On 18.11.2012 21:42, Laszlo Boszormenyi (GCS) wrote: Fixes four RC bugs. The first one is that couchdb needs some time to stop. Added three seconds wait time to stop in initscript and to postrm (the latter comes from Ubuntu). Otherwise couchdb can't be restarted and can't be purged. Such sleeps are really icky. Who says 3 seconds are enough? That entirely depends on your hardware and in what situation your system is in (load, etc). If couchdb -d, which is used on stop, does not block until the server has been safely shutdown, then this needs to be fixed, properly. Agree. That's an other thing upstream should fix. However I don't think that would happen soon, at least not for Wheezy. I'll ask about it. Until then this sleep may fixes the majority (maybe all) of the problems. Laszlo/GCS -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1353287914.15123.279.camel@julia
Bug#682172: unblock: couchdb/1.2.0-2
On Fri, 2012-10-12 at 05:22 +, Laszlo Boszormenyi (GCS) wrote: On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote: [ about CouchDB storing its PID file as root ] Ping. Is this getting fixed? Upstream knows about this issue, promised a fix which won't be easy as I can remember. Now they are busy with releasing 1.3.0 and a bugfix branch of 1.2.0 . Don't know exactly if it's included, but will ping them. Any news on that? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1352755728.27968.73.ca...@jacala.jungle.funky-badger.org
Bug#682172: unblock: couchdb/1.2.0-2
On Sat, Sep 15, 2012 at 20:10:46 +0200, Julien Cristau wrote: On Tue, Aug 21, 2012 at 22:07:56 +, Laszlo Boszormenyi (GCS) wrote: On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote: On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote: On new installs /var/run/couchdb is created to store the pidfile in, but as root:root . Then the couchdb user can't store its pid there, due to owner problems. Filed as important, but can be RC as couchdb fails to start if can't store the pidfile. The fix is oneliner: +++ couchdb-1.2.0/etc/init/couchdb.tpl.in mkdir -p $RUN_DIR +chown -R $COUCHDB_USER $RUN_DIR command=$COUCHDB -b Can't the pidfile be written to before dropping privs? chown -R feels rather ick, I can't see why the -R should be necessary and I can see a few ways it could be bad. Agree, -R can be problematic. What about [ -d $RUN_DIR ] || (mkdir -p $RUN_DIR; chown $COUCHDB_USER $RUN_DIR) ? It would change ownership only at creation time, own that dir only to $COUCHDB_USER . Doesn't change anything below that directory and in fact, after its creation it'll be empty anyway. I guess that could work. Can't say I like it much, but there's precedent for non-root-owned /var/log subdirectories, so... Ping. Is this getting fixed? Cheers, Julien signature.asc Description: Digital signature
Bug#682172: unblock: couchdb/1.2.0-2
On Thu, 2012-10-11 at 23:18 +0200, Julien Cristau wrote: [ about CouchDB storing its PID file as root ] Ping. Is this getting fixed? Upstream knows about this issue, promised a fix which won't be easy as I can remember. Now they are busy with releasing 1.3.0 and a bugfix branch of 1.2.0 . Don't know exactly if it's included, but will ping them. Laszlo/GCS -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1350019343.25403.12.camel@julia
Bug#682172: unblock: couchdb/1.2.0-2
On Wednesday, 22 August 2012 00:20:01 UTC+2, Laszlo Boszormenyi (GCS) wrote: On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote: On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote: On new installs /var/run/couchdb is created to store the pidfile in, but as root:root . Then the couchdb user can't store its pid there, due to owner problems. Filed as important, but can be RC as couchdb fails to start if can't store the pidfile. The fix is oneliner: +++ couchdb-1.2.0/etc/init/couchdb.tpl.in mkdir -p $RUN_DIR +chown -R $COUCHDB_USER $RUN_DIR command=$COUCHDB -b Can't the pidfile be written to before dropping privs? chown -R feels rather ick, I can't see why the -R should be necessary and I can see a few ways it could be bad. Agree, -R can be problematic. What about [ -d $RUN_DIR ] || (mkdir -p $RUN_DIR; chown $COUCHDB_USER $RUN_DIR) ? It would change ownership only at creation time, own that dir only to $COUCHDB_USER . Doesn't change anything below that directory and in fact, after its creation it'll be empty anyway. Laszlo/GCS -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Laszlo, It would be great to submit this upstream to CouchDB so we can get it addressed for 1.3.0. Are you OK to log a JIRA ticket for this? Thanks Dave d...@apache.org -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/fadf2f37-a4e8-4c31-9308-156b5a254...@googlegroups.com
Processed: Re: Bug#682172: unblock: couchdb/1.2.0-2
Processing control commands: tags -1 + moreinfo Bug #682172 [release.debian.org] unblock: couchdb/1.2.0-2 Ignoring request to alter tags of bug #682172 to the same tags previously set -- 682172: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682172 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b682172.134557916328772.transcr...@bugs.debian.org
Bug#682172: unblock: couchdb/1.2.0-2
Control: tags -1 + moreinfo On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote: On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote: +++ couchdb-1.2.0/etc/init/couchdb.tpl.in mkdir -p $RUN_DIR +chown -R $COUCHDB_USER $RUN_DIR command=$COUCHDB -b Can't the pidfile be written to before dropping privs? chown -R feels rather ick, I can't see why the -R should be necessary and I can see a few ways it could be bad. Ping? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1345579076.6830.14.ca...@jacala.jungle.funky-badger.org
Bug#682172: unblock: couchdb/1.2.0-2
On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote: On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote: On new installs /var/run/couchdb is created to store the pidfile in, but as root:root . Then the couchdb user can't store its pid there, due to owner problems. Filed as important, but can be RC as couchdb fails to start if can't store the pidfile. The fix is oneliner: +++ couchdb-1.2.0/etc/init/couchdb.tpl.in mkdir -p $RUN_DIR +chown -R $COUCHDB_USER $RUN_DIR command=$COUCHDB -b Can't the pidfile be written to before dropping privs? chown -R feels rather ick, I can't see why the -R should be necessary and I can see a few ways it could be bad. Agree, -R can be problematic. What about [ -d $RUN_DIR ] || (mkdir -p $RUN_DIR; chown $COUCHDB_USER $RUN_DIR) ? It would change ownership only at creation time, own that dir only to $COUCHDB_USER . Doesn't change anything below that directory and in fact, after its creation it'll be empty anyway. Laszlo/GCS -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1345586876.14167.326.camel@julia
Bug#682172: unblock: couchdb/1.2.0-2
On Thu, Jul 19, 2012 at 23:43:56 +, Laszlo Boszormenyi (GCS) wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: freeze-exception thanks Hi, Please unblock couchdb/1.2.0-2 which fixes #681549 [1]. On new installs /var/run/couchdb is created to store the pidfile in, but as root:root . Then the couchdb user can't store its pid there, due to owner problems. Filed as important, but can be RC as couchdb fails to start if can't store the pidfile. The fix is oneliner: +++ couchdb-1.2.0/etc/init/couchdb.tpl.in mkdir -p $RUN_DIR +chown -R $COUCHDB_USER $RUN_DIR command=$COUCHDB -b Can't the pidfile be written to before dropping privs? chown -R feels rather ick, I can't see why the -R should be necessary and I can see a few ways it could be bad. Cheers, Julien signature.asc Description: Digital signature
