[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15553060#comment-15553060 ] Jan Høydahl commented on SOLR-7826: --- Moved the AssertTool code to new issue SOLR-9610 > Permission issues when creating cores with bin/solr as root user > > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch, > SOLR-7826_sameuser.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15546431#comment-15546431 ] Jan Høydahl commented on SOLR-7826: --- I think I'll leave things as they are for now. Same-user policy for 7.0 sounds ok. Perhaps see where the breadcrumbs effort in SOLR-9590 leads us, but that will anyway not help for manual installs. One idea could be to determine whether Solr has been started before or not, i.e. by looking for a file that is always created by the Solr process, such as $SOLR_LOGS_DIR/solr.log or $SOLR_HOME//data/index, and require *that* user. If Solr has not been started before, let the start command succeed as any user, but test first that the user has write access to both SOLR_HOME and SOLR_LOGS_DIR? > Permission issues when creating cores with bin/solr as root user > > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch, > SOLR-7826_sameuser.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15545946#comment-15545946
]
Hoss Man commented on SOLR-7826:
1. I love your new AssertTool code
2. ...
bq. But then should it not be allowed to create SOLR_HOME by hand as another
user, and then make sure that the solr user has full access through its group
memberships? Or equivalent ACL rights for Windows? Seems potentially more
trappy than the root check...
That's a good point ... I feel like enforcing that the same user be used every
where is the lesser of the evils -- but only if we had been doing that since
day #1 in {{bin/solr}}. If we start enforcing that now that might screw people
with existing installs like you describe.
I honestly don't know how i feel about this issue anymore.
Maybe we should just stick with "only root is special / prohibited" behavior
for now (either using the code you already committed, or your new AssertTool
code) and consider more restrictive "use the same user everywhere, but
{{-force}} will " let you use any user" type logic in 7.0?
> Permission issues when creating cores with bin/solr as root user
>
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch,
> SOLR-7826_sameuser.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15545187#comment-15545187
]
Jan Høydahl commented on SOLR-7826:
---
But then should it not be allowed to create {{SOLR_HOME}} by hand as another
user, and then make sure that the {{solr}} user has full access through its
group memberships? Or equivalent ACL rights for Windows? Seems potentially more
trappy than the root check...
> Permission issues when creating cores with bin/solr as root user
>
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch,
> SOLR-7826_sameuser.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr as root user
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15543560#comment-15543560
]
Hoss Man commented on SOLR-7826:
Forgive me, I thought i mentioned this before but...
bq. Well, since SOLR-9547 we warn against running solr as root, so fewer users
will make that mistake, and if they do, they need to -force both start and
create commands.
Except that SOLR-9547 is really just a spin off of this issue, with the same
broader problem of UID mismatches between the user running the command and the
owner of the files on disk -- It's not really an independent reason to add
{{-force}}. The same "fix" I'm suggesting here is also applicable to
{{bin/solr start}} (ie: don't allow solr to start unless {{`whoami`}} matches
the owner of the cores directory on the filesystem)
bq. ... In my eyes that is improvement over perfection. ...
And we are both entitled to our opinions -- In my eyes:
* even if the initial bug report was specific to running as root, that is a
single example of an underlying problem that causes strange behavior/errors
anytime the user running the command isn't the same as the user owning the
files on disk.
* the solution(s) you committed (both here and in SOLR-9547) only address in
the special case of running as root -- which I view as a bandaid over the
underlying problem
* the solution you committed introduces a new "api" / feature ({{-force}})
which we are now in a position of needing to support/consider moving forward.
...hence my concern that on the whole, this isn't a "net" overall improvement
-- we've "fixed" the initial bug as reported, but not the underlying problem;
and the way we've fixed it has increased the surface area of the "{{bin/solr}}
command line api" in a way that I find confusing and will find hard to
explain/justify to users moving forward.
bq. It will always be possible for you or others to open new issues and work on
improving usability even more.
Agreed, but now any such improvements in the future will be hamstrung in terms
of supporting the {{-force}} option added here.
If the only change made in this jira (and SOLR-9547) was the bandaid to fail
fast when run as root -- then i would 100% agree with your view that those
changes are an improvement to the current situation, even if not a perfect
solution to the underlying problem. But I don't personally think adding a "
{{-force}} feature" like this (as a side effect of a bug fix) is a good idea
until/unless it is more carefully and consistently thought out for all commands.
Please don't think I'm trying to brow beat you into reverting this change --
You stepped up to provide a fix when I and many others didn't, so I'm in no
position to argue with you about it.
If I find the time/inclination to put in the work needed to implement & test a
more complete solution to the underlying problem _before_ we release a version
of Solr with {{-force}} in it, then I'll re-raise the question of whether
{{-force}} is actually a good idea. Until then, i was just hoping to persuade
you to voluntarily revert it -- If I haven't convinced you it's a bad idea,
then i haven't convinced you -- and i'm ok with that.
> Permission issues when creating cores with bin/solr as root user
>
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15543396#comment-15543396 ] Jan Høydahl commented on SOLR-7826: --- bq. we shouldn't have to wait for users to get screwed by bugs before we discuss if there is a better solution. Before this patch we had no safeguards whatsoever, but now we protect against inadvertently messing up by running as root. In my eyes that is improvement over perfection. It will always be possible for you or others to open new issues and work on improving usability even more. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15542918#comment-15542918
]
Hoss Man commented on SOLR-7826:
bq. Is this a real or theoretical problem? ...
By definition it's a theoretical problem because this code added here hasn't
been released yet -- that doesn't mean we shouldn't give serious consideration
to it ... we shouldn't have to wait for users to get screwed by bugs before we
discuss if there is a better solution.
bq. Testing on Ubuntu shows that the /var/solr folder is not writable by other
than the solr user, and new folders created by a user has group "solr"
you seem to be assuming that people only install using the installation script,
and that no one might ever changes the default groups/perms of the solr user.
On platforms where people install solr manually (either because the install
script doesn't support their os, or because they choose to) the default
group/perms of those directories could be anything.
We shouldn't make {{bin/solr}} only work well -- or fail cleanly -- if you
install exactly as we expect you to (and never change any file system perms, or
group masks) when it's just as easy to make {{bin/solr}} work well and fail
cleanly anytime by testing the *current* directory stats
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15540456#comment-15540456
]
Jan Høydahl commented on SOLR-7826:
---
bq. Just rejecting root won't help if solr is the effective UID of the process,
but user bob runs bin/solr create and the new core directories wind up owned by
bob but not readable by solr.
Is this a real or theoretical problem? Testing on Ubuntu shows that the
/var/solr folder is not writable by other than the solr user, and new folders
created by a user has group "solr". I tested running bin/solr create -c foo
with another user, and got
{noformat}
solr2@acc999d2179f:/opt/solr$ bin/solr create -c newcore
ERROR: Failed to create new core instance directory: /var/solr/data/newcore
{noformat}
On most other systems where some "staff" group may be used, folder permission
is "rwxr-xr-x" as far as I know, so a random other user cannot create files in
another users area.
So I think the current fix solves the problem at hand. But I agree it could be
solved more generically using {{stat}}. I'll leave that for future
improvements. Patches welcome.
bq. Likewise, running as root may be perfectly fine, if the original install
(foolishly) installed as root
Well, since SOLR-9547 we warn against running solr as root, so fewer users will
make that mistake, and if they do, they need to -force both start and create
commands.
bq. because a user who sees that there is a -force option for some bin/solr
commands would have a reasonable expectation that they will be "protected"
unless they specify -force on other risky solr commands as well
Currently, the {{-force}} option is added for the {{create}} and {{start}}
commands, but it is not advertised in {{-h}} printout, so users would only know
about it if trying to start solr or create cores as root. The documentation in
RefGuide clearly tells what the command is for.
You may be right that we could add even more protection for users by adding
{{-force}} flags for other situations as well, please open new JIRAs for those.
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15539560#comment-15539560 ] Shawn Heisey commented on SOLR-7826: +1 to comments by [~hossman]. I just opened SOLR-9590 for exploration. If "bin/solr create" IS run as root, the idea of paying attention to the owner of the parent directory and matching it seems like a good idea too. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15537330#comment-15537330
]
Hoss Man commented on SOLR-7826:
I know i'm late to the party, but FWIW: I think adding a {{\-force}} option and
treating "root" as special still leaves a lot of room for the underlying
problem to occur (and in general i think adding a {{\-force}} option that's
only supported by one (sub-)command is a bad idea -- more on that below) ...
Just rejecting {{root}} won't help if {{solr}} is the effective UID of the
process, but user {{bob}} runs {{bin/solr create}} and the new core directories
wind up owned by {{bob}} but not readable by {{solr}}. Likewise, running as
{{root}} may be perfectly fine, if the original install (foolishly) installed
as {{root}}
What really matters is that if {{bin/solr create}} is used to try and create
new core directories, those new core directories should *really* be owned by
whatever use owns the {{cores}} parent directory, and have the same
{{user:group}} permissions -- because that way, regardless of what effective UI
the solr process is running under, there's no risk that Solr will be able to
_find_ the new core dir, but not _read_ the new core dir.
ie:
* we don't have to do anything special to keep track of what user installed
solr, or treat {{root}} special
* all we have to do is compare {{whoami}} to {{stat -c '%U'}} on the {{cores}}
directory, and complain if they don't match
My general thoughts on {{\-force}}:
even if we switch to comparing the current user to the directory owner instead
of treating "root" as special, a {{\-force}} option could still be supported i
guess, but doesn't really seem necessary and in general i would say we should
avoid it unless/until we really think through _all_ of the possible commands
where we might want to enforce some restrictions unless {{-force}} is
specified. because a user who sees that there is a {{-force}} option for some
{{bin/solr}} commands would have a reasonable expectation that they will be
"protected" unless they specify {{-force}} on other risky solr commands as well
(ie: deleting a core that's currently LOADed?, delete ZK nodes currently used
by a collection? downloading files from ZK and overwriting existing files on
disk? uploading a config set and overwritting an existing config set with the
same name? etc...)
In general, i'm -0 to the changes made by this issue - i don't think Solr, on
the whole, is better off with these changes, and I'd encourage the folks who
worked on this jira to consider rolling them back and replacing them with a
{{`whoami` == `stat -c '%U' .../cores`}} type comparison instead.
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15514495#comment-15514495
]
Jan Høydahl commented on SOLR-7826:
---
Documented the {{-force}} flag and removed warning box in ref-guide
https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=50234737=50=49,
as the script will now warn the user itself :)
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Assignee: Jan Høydahl
>Priority: Minor
> Labels: newdev
> Fix For: 6.3, master (7.0)
>
> Attachments: SOLR-7826.patch, SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15511292#comment-15511292 ] Jan Høydahl commented on SOLR-7826: --- SOLR-9547 > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15511249#comment-15511249 ] Shawn Heisey commented on SOLR-7826: bq. The question is if we should discourage and warn about starting solr as root as well, since this is not recommended? I would say yes to this. I'd even go a little bit further. The script should refuse to run (without the force option) any command that creates or modifies filesystem data -- but only if Solr also writes to the same filesystem location. This would mean that creating collections in cloud mode and options like upconfig and downconfig would be perfectly acceptable to run as root. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1553#comment-1553 ] Jan Høydahl commented on SOLR-7826: --- Thanks for the discussion and the contributions. Binoy/Shawn, I hope you don't feel bad that I did not use your approach/patch. I thought it was a bit overkill. Since the installer script by default creates a "solr" user for starting solr, it would be very uncommon for Solr to be run as root, and absolutely not something we would recommend. So now we always warn. The question is if we should discourage and warn about *starting* solr as root as well, since this is not recommended? > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15511075#comment-15511075 ] ASF subversion and git services commented on SOLR-7826: --- Commit 6b10283765cf015aad59f054919134662d060c3b in lucene-solr's branch refs/heads/branch_6x from [~janhoy] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=6b10283 ] SOLR-7826: Refuse "bin/solr create" if run as root, unless -force is specified (cherry picked from commit 7561461) > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15511067#comment-15511067 ] ASF subversion and git services commented on SOLR-7826: --- Commit 7561461f738a447856bb93b0a847b0200fff4c9c in lucene-solr's branch refs/heads/master from [~janhoy] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=7561461 ] SOLR-7826: Refuse "bin/solr create" if run as root, unless -force is specified > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Assignee: Jan Høydahl >Priority: Minor > Labels: newdev > Fix For: 6.3, master (7.0) > > Attachments: SOLR-7826.patch, SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15472758#comment-15472758
]
nicerobot commented on SOLR-7826:
-
Using 6.2. I haven't tested the patch. If your unprivileged user it {{solr}},
this is a usable workaround. e.g.
{code}
sudo -u solr bin/solr create -c demo
{code}
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Priority: Minor
> Labels: newdev
> Attachments: SOLR-7826.patch
>
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15278555#comment-15278555 ] Binoy Dalal commented on SOLR-7826: --- Shawn/Jan, I've tested out this patch with the lucene-solr trunk. It works as per the requirements I've stated in my previous comment. Please review and let me know if the approach I've taken is fine or if I've missed something. If all's good then this patch is ready to be committed I guess. So one of the committers can take it up. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > Attachments: SOLR-7826.patch > > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15235549#comment-15235549 ] Binoy Dalal commented on SOLR-7826: --- I'm having a bit of an issue with the current implementation so I'll just outline my approach, and state the problem: 1) Detect the user while solr is first started. 2) Pass the user detected in (1) to SolrCLI and the option if any. 3) Perform the user and option check if user=root. 4) Return appropriate message. I'm facing a problem in step 1 and 2. I am not sure of how to store the detected user so that the next time the script is run, it can find that user. I've tried exporting the variable but that doesn't seem to work without adding the variable to permanent list of environment variables, which I don't think is something that should be done. Another option that I've thought of is to write the user id to a file like the solr port is written and use that in subsequent script calls for user checking, and delete it once solr is stopped. I think this would be a good approach. Please advise. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15234453#comment-15234453 ] Binoy Dalal commented on SOLR-7826: --- Ok. That makes sense. I'll finish off the patch and put it up asap. Thanks. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15234246#comment-15234246 ] Shawn Heisey commented on SOLR-7826: If the user has *started* Solr as root (rather than running the installer script and starting the service), then running "bin/solr create" as root is not a problem, and this is where the option comes in. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15234047#comment-15234047 ] Binoy Dalal commented on SOLR-7826: --- I've made modifications to the script and SolrCLI.java to support this but I don't think this approach really solves anything. Considering that solr was run as an unprivileged user, when creating the cores as root without the option, the script throws an error and bails. But when the option is used, the user will still be unable to create a core since the code will throw an AcessDeniedException, so usage of the option makes no difference whatsoever. I think it would make more sense if the user weren't allowed to create cores at all using root, or if the AccessDeniedException was caught and a suitable warning was provided to the user. I would like to know your thoughts on this. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15228749#comment-15228749 ] Shawn Heisey commented on SOLR-7826: [~binoydala...@gmail.com]: Exactly. If the script detects uid 0 when creating cores (probably more accurate than checking the username), abort, unless the special option is provided. This check is not required when creating collections in cloud mode, because the script doesn't touch the filesystem. Solr itself handles the filesystem work. > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15227772#comment-15227772 ] Binoy Dalal commented on SOLR-7826: --- I would like to take a shot at this. So the idea is to put in an extra option and a warning to users right? > Permission issues when creating cores with bin/solr > --- > > Key: SOLR-7826 > URL: https://issues.apache.org/jira/browse/SOLR-7826 > Project: Solr > Issue Type: Improvement >Reporter: Shawn Heisey >Priority: Minor > Labels: newdev > > Ran into an interesting situation on IRC today. > Solr has been installed as a service using the shell script > install_solr_service.sh ... so it is running as an unprivileged user. > User is running "bin/solr create" as root. This causes permission problems, > because the script creates the core's instanceDir with root ownership, then > when Solr is instructed to actually create the core, it cannot create the > dataDir. > Enhancement idea: When the install script is used, leave breadcrumbs > somewhere so that the "create core" section of the main script can find it > and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15121740#comment-15121740
]
Jan Høydahl commented on SOLR-7826:
---
Tagging this as {{newdev}}, as it should be 3 lines in {{bin/solr}} :-)
> Permission issues when creating cores with bin/solr
> ---
>
> Key: SOLR-7826
> URL: https://issues.apache.org/jira/browse/SOLR-7826
> Project: Solr
> Issue Type: Improvement
>Reporter: Shawn Heisey
>Priority: Minor
> Labels: newdev
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script
> install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root. This causes permission problems,
> because the script creates the core's instanceDir with root ownership, then
> when Solr is instructed to actually create the core, it cannot create the
> dataDir.
> Enhancement idea: When the install script is used, leave breadcrumbs
> somewhere so that the "create core" section of the main script can find it
> and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14692407#comment-14692407 ] Shawn Heisey commented on SOLR-7826: Initial attempts are not working completely, and I'm fighting with a flaky Internet connection at the location where I'm doing the work. If I manage to get something that works right, I'll upload a patch. Permission issues when creating cores with bin/solr --- Key: SOLR-7826 URL: https://issues.apache.org/jira/browse/SOLR-7826 Project: Solr Issue Type: Improvement Reporter: Shawn Heisey Priority: Minor Ran into an interesting situation on IRC today. Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user. User is running bin/solr create as root. This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir. Enhancement idea: When the install script is used, leave breadcrumbs somewhere so that the create core section of the main script can find it and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14681358#comment-14681358
]
Jan Høydahl commented on SOLR-7826:
---
I believe creating cores as root will cause problems every single time, so why
allow it at all? Perhaps bin/solr always should bail out early if executed as
root, perhaps with an {{--runasrootonyourownrisk}} param to override?
Permission issues when creating cores with bin/solr
---
Key: SOLR-7826
URL: https://issues.apache.org/jira/browse/SOLR-7826
Project: Solr
Issue Type: Improvement
Reporter: Shawn Heisey
Priority: Minor
Ran into an interesting situation on IRC today.
Solr has been installed as a service using the shell script
install_solr_service.sh ... so it is running as an unprivileged user.
User is running bin/solr create as root. This causes permission problems,
because the script creates the core's instanceDir with root ownership, then
when Solr is instructed to actually create the core, it cannot create the
dataDir.
Enhancement idea: When the install script is used, leave breadcrumbs
somewhere so that the create core section of the main script can find it
and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14681977#comment-14681977 ] Shawn Heisey commented on SOLR-7826: bq. Perhaps bin/solr always should bail out early if executed as root, perhaps with an --runasrootonyourownrisk param to override? Sounds awesome to me. There's another project that does something similar to protect the user from themselves, and the option to explicitly force the action is not documented anywhere except in the program output, which I think is a reasonable thing to do here. I want to say that it's the linux raid tools (mdadm) that has the undocumented I really know what I'm doing, please proceed option, but I can no longer remember ... and google isn't helpful since it's not documented. ;) Permission issues when creating cores with bin/solr --- Key: SOLR-7826 URL: https://issues.apache.org/jira/browse/SOLR-7826 Project: Solr Issue Type: Improvement Reporter: Shawn Heisey Priority: Minor Ran into an interesting situation on IRC today. Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user. User is running bin/solr create as root. This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir. Enhancement idea: When the install script is used, leave breadcrumbs somewhere so that the create core section of the main script can find it and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14682420#comment-14682420 ] Shawn Heisey commented on SOLR-7826: I'm going to assume that the id command (/usr/bin/id on Ubuntu and redhat-based systems) is present in the system and that the short options on a commercial Unix behave like the gnu version. On Linux, the id command is in the same package (coreutils) as ls so I think this is a safe assumption. Permission issues when creating cores with bin/solr --- Key: SOLR-7826 URL: https://issues.apache.org/jira/browse/SOLR-7826 Project: Solr Issue Type: Improvement Reporter: Shawn Heisey Priority: Minor Ran into an interesting situation on IRC today. Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user. User is running bin/solr create as root. This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir. Enhancement idea: When the install script is used, leave breadcrumbs somewhere so that the create core section of the main script can find it and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[
https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14682393#comment-14682393
]
Shawn Heisey commented on SOLR-7826:
Found this info related to the mkraid command. I can't seem to find that
command on any of my Linux installs right now, so it appears this command is
not currently part of the mdadm package, and may be an old utility that has not
survived to the present. I still like the idea of requiring an option that can
only be discovered by actually trying to perform the action that's considered
unsafe.
{code}
-f, --force, --really-force, -R
Forces the initialization, even if data or filesystems are detected on any
of the block devices to be included in the array. This is a fail-safe to
prevent uninitiated users from accidentally destroying their data. The
--really-force or -R flag is undocumented in the command help and manual pages.
When the -f or --force flags are used, mkraid will display an additional
warning and request that the command be retyped with the --really-force flag.
{code}
I have seen another program with a force option that's quite long and
essentially makes the user type out something like I acknowledge that this is
a really bad idea to run the command. I don't think we need to go that far,
but I was quite amused by it.
Permission issues when creating cores with bin/solr
---
Key: SOLR-7826
URL: https://issues.apache.org/jira/browse/SOLR-7826
Project: Solr
Issue Type: Improvement
Reporter: Shawn Heisey
Priority: Minor
Ran into an interesting situation on IRC today.
Solr has been installed as a service using the shell script
install_solr_service.sh ... so it is running as an unprivileged user.
User is running bin/solr create as root. This causes permission problems,
because the script creates the core's instanceDir with root ownership, then
when Solr is instructed to actually create the core, it cannot create the
dataDir.
Enhancement idea: When the install script is used, leave breadcrumbs
somewhere so that the create core section of the main script can find it
and su to the user specified during install.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14680422#comment-14680422 ] Shawn Heisey commented on SOLR-7826: At the very least, the script should probably detect uid 0 and display a warning saying that creating cores as root might cause permission issues. Permission issues when creating cores with bin/solr --- Key: SOLR-7826 URL: https://issues.apache.org/jira/browse/SOLR-7826 Project: Solr Issue Type: Improvement Reporter: Shawn Heisey Priority: Minor Ran into an interesting situation on IRC today. Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user. User is running bin/solr create as root. This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir. Enhancement idea: When the install script is used, leave breadcrumbs somewhere so that the create core section of the main script can find it and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-7826) Permission issues when creating cores with bin/solr
[ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14639384#comment-14639384 ] Shawn Heisey commented on SOLR-7826: I know, the user should not be logged in as root. Let's just not have that flamewar, OK? Permission issues when creating cores with bin/solr --- Key: SOLR-7826 URL: https://issues.apache.org/jira/browse/SOLR-7826 Project: Solr Issue Type: Improvement Reporter: Shawn Heisey Priority: Minor Ran into an interesting situation on IRC today. Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user. User is running bin/solr create as root. This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir. Enhancement idea: When the install script is used, leave breadcrumbs somewhere so that the create core section of the main script can find it and su to the user specified during install. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
