[jira] [Commented] (SOLR-9754) No shell specified in the su call

Fri, 11 Nov 2016 07:58:09 -0800 

    [ 
https://issues.apache.org/jira/browse/SOLR-9754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15657395#comment-15657395
 ] 

Shawn Heisey commented on SOLR-9754:
------------------------------------

The service install script creates the solr user with the system standard 
shell, not /bin/false.  I think it also creates that user such that it would be 
unable to log in (on Linux, the user gets an asterisk in the password field, 
not an empty value or a valid hash), regardless of the shell assigned.

The shebang in bin/solr is "/usr/bin/env bash" ... not "/bin/sh" ... so if we 
were to implement your idea, I think we should use the same value that the 
bin/solr script does.  Although it's highly unlikely that /bin/sh will be 
absent, using that value does represent another potential dependency that 
running directly with bin/solr does not impose.


> No shell specified in the su call
> ---------------------------------
>
>                 Key: SOLR-9754
>                 URL: https://issues.apache.org/jira/browse/SOLR-9754
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 5.5.3
>         Environment: Ubuntu Linux 16.04 LTS
>            Reporter: Anton Boritskiy
>
> The tarball version downloaded from 
> [here|http://www.apache.org/dyn/closer.lua/lucene/solr/5.5.3]
> has problem inside the {{bin/init.d/solr}} file.
> the very last lines of the file look like 
> {code}
> ...
> if [ -n "$RUNAS" ]; then
>   su -c "SOLR_INCLUDE=\"$SOLR_ENV\" \"$SOLR_INSTALL_DIR/bin/solr\" $SOLR_CMD" 
> - "$RUNAS"
> else
>   SOLR_INCLUDE="$SOLR_ENV" "$SOLR_INSTALL_DIR/bin/solr" "$SOLR_CMD"
> fi
> {code}
> the solr sturt up just breaks when {{solr}} user has {{/bin/false}} shell 
> assigned to it.
> Suggested change is to make that file look like 
> {code}
> ...
> if [ -n "$RUNAS" ]; then
>   su -s "/bin/sh" -c "SOLR_INCLUDE=\"$SOLR_ENV\" 
> \"$SOLR_INSTALL_DIR/bin/solr\" $SOLR_CMD" - "$RUNAS"
> else
>   SOLR_INCLUDE="$SOLR_ENV" "$SOLR_INSTALL_DIR/bin/solr" "$SOLR_CMD"
> fi
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to