You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Martin Higham (Created) (JIRA)" <ji...@apache.org> on 2011/12/02 11:55:40 UTC
[jira] [Created] (COUCHDB-1353) Adding security to the replication
database leads to crashes
Adding security to the replication database leads to crashes
------------------------------------------------------------
Key: COUCHDB-1353
URL: https://issues.apache.org/jira/browse/COUCHDB-1353
Project: CouchDB
Issue Type: Bug
Components: Replication
Affects Versions: 1.1.1, 1.2
Environment: Ubuntu
Reporter: Martin Higham
If I set Admin and reader security on the replication database the replicator will crash when adding new records to the database with a "not authorised error". It will continue to crash while trying to restart replication and even after a restart
1. Create several databases and replication rules - everything works fine
2. Add reader security to the replication database
3. Insert new document into the replication database. Replication will record the error and stop all replication
[Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Input :: ["ddoc","_design/_replicator",["valida
te_doc_update"],[{"_id":"8d158931ac19d99f96f2aad68104aa09","target":"testrep","continuous":true,"source":"http://admin:aaaaa@
127.0.0.1:5984/dbz_molly","_revisions":{"start":0,"ids":[]}},null,{"db":"ndz_replicator","name":"admin","roles":["_admin"]},{
"admins":{"names":[],"roles":["_admin","_replicator"]},"members":{"names":[],"roles":["_admin","_replicator"]}}]]
[Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Output :: 1
[Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.12560.0>] 109.150.210.170 - - PUT /ndz_replicator/8d158931ac19d99f96f2aad68104aa09
201
[Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.117.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs Names [] Roles [<<"
_admin">>,
<<"_admin">>,
<<"_replicator">>]
[Fri, 02 Dec 2011 10:45:36 GMT] [error] [<0.110.0>] Replication manager received unexpected message {'EXIT',
<0.117.0>,
{{nocatch,
{unauthorized,
<<"You are not authorized to access this db.">>}},
[{couch_db,
open,
2},
{couch_changes,
keep_sending_changes,
9},
{couch_changes,
'-handle_changes/3-fun-1-',
5},
{couch_replication_manager,
'-changes_feed_loop/0-fun-1-',
2}]}}
[Fri, 02 Dec 2011 10:45:36 GMT] [error] [emulator] Error in process <0.117.0> with exit value: {{nocatch,{unauthorized,<<41 b
ytes>>}},[{couch_db,open,2},{couch_changes,keep_sending_changes,9},{couch_changes,'-handle_changes/3-fun-1-',5},{couch_replic
ation_manager,'-changes_feed_loop/0-fun-1-',2}]}
[Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.110.0>] Stopping all ongoing replications because the replicator database was deleted or changed
I am testing against a trunk build of CouchDB but think I have seen similar behaviour on 1.1.x but hadn't pinned down the cause
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1353) Adding security to the
replication database leads to crashes
Posted by "Robert Newson (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13161560#comment-13161560 ]
Robert Newson commented on COUCHDB-1353:
----------------------------------------
Am I summarizing correctly that you've removed authorization for the replicator to read the replicator db and are wondering why the replicator can't read the replicator db?
> Adding security to the replication database leads to crashes
> ------------------------------------------------------------
>
> Key: COUCHDB-1353
> URL: https://issues.apache.org/jira/browse/COUCHDB-1353
> Project: CouchDB
> Issue Type: Bug
> Components: Replication
> Affects Versions: 1.1.1, 1.2
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If I set Admin and reader security on the replication database the replicator will crash when adding new records to the database with a "not authorised error". It will continue to crash while trying to restart replication and even after a restart
> 1. Create several databases and replication rules - everything works fine
> 2. Add reader security to the replication database
> 3. Insert new document into the replication database. Replication will record the error and stop all replication
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Input :: ["ddoc","_design/_replicator",["valida
> te_doc_update"],[{"_id":"8d158931ac19d99f96f2aad68104aa09","target":"testrep","continuous":true,"source":"http://admin:aaaaa@
> 127.0.0.1:5984/dbz_molly","_revisions":{"start":0,"ids":[]}},null,{"db":"ndz_replicator","name":"admin","roles":["_admin"]},{
> "admins":{"names":[],"roles":["_admin","_replicator"]},"members":{"names":[],"roles":["_admin","_replicator"]}}]]
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Output :: 1
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.12560.0>] 109.150.210.170 - - PUT /ndz_replicator/8d158931ac19d99f96f2aad68104aa09
> 201
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.117.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs Names [] Roles [<<"
> _admin">>,
> <<"_admin">>,
> <<"_replicator">>]
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [<0.110.0>] Replication manager received unexpected message {'EXIT',
> <0.117.0>,
> {{nocatch,
> {unauthorized,
> <<"You are not authorized to access this db.">>}},
> [{couch_db,
> open,
> 2},
> {couch_changes,
> keep_sending_changes,
> 9},
> {couch_changes,
> '-handle_changes/3-fun-1-',
> 5},
> {couch_replication_manager,
> '-changes_feed_loop/0-fun-1-',
> 2}]}}
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [emulator] Error in process <0.117.0> with exit value: {{nocatch,{unauthorized,<<41 b
> ytes>>}},[{couch_db,open,2},{couch_changes,keep_sending_changes,9},{couch_changes,'-handle_changes/3-fun-1-',5},{couch_replic
> ation_manager,'-changes_feed_loop/0-fun-1-',2}]}
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.110.0>] Stopping all ongoing replications because the replicator database was deleted or changed
> I am testing against a trunk build of CouchDB but think I have seen similar behaviour on 1.1.x but hadn't pinned down the cause
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (COUCHDB-1353) Adding security to the replication
database leads to crashes
Posted by "Filipe Manana (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana resolved COUCHDB-1353.
------------------------------------
Resolution: Fixed
Fix Version/s: 1.2
Thanks Martin.
This was caused by a recent changes on master and 1.2.x, it doesn't affect any release.
Fix applied to those 2 branches.
> Adding security to the replication database leads to crashes
> ------------------------------------------------------------
>
> Key: COUCHDB-1353
> URL: https://issues.apache.org/jira/browse/COUCHDB-1353
> Project: CouchDB
> Issue Type: Bug
> Components: Replication
> Affects Versions: 1.2
> Environment: Ubuntu
> Reporter: Martin Higham
> Fix For: 1.2
>
>
> If I set Admin and reader security on the replication database the replicator will crash when adding new records to the database with a "not authorised error". It will continue to crash while trying to restart replication and even after a restart
> 1. Create several databases and replication rules - everything works fine
> 2. Add reader security to the replication database
> 3. Insert new document into the replication database. Replication will record the error and stop all replication
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Input :: ["ddoc","_design/_replicator",["valida
> te_doc_update"],[{"_id":"8d158931ac19d99f96f2aad68104aa09","target":"testrep","continuous":true,"source":"http://admin:aaaaa@
> 127.0.0.1:5984/dbz_molly","_revisions":{"start":0,"ids":[]}},null,{"db":"ndz_replicator","name":"admin","roles":["_admin"]},{
> "admins":{"names":[],"roles":["_admin","_replicator"]},"members":{"names":[],"roles":["_admin","_replicator"]}}]]
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Output :: 1
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.12560.0>] 109.150.210.170 - - PUT /ndz_replicator/8d158931ac19d99f96f2aad68104aa09
> 201
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.117.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs Names [] Roles [<<"
> _admin">>,
> <<"_admin">>,
> <<"_replicator">>]
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [<0.110.0>] Replication manager received unexpected message {'EXIT',
> <0.117.0>,
> {{nocatch,
> {unauthorized,
> <<"You are not authorized to access this db.">>}},
> [{couch_db,
> open,
> 2},
> {couch_changes,
> keep_sending_changes,
> 9},
> {couch_changes,
> '-handle_changes/3-fun-1-',
> 5},
> {couch_replication_manager,
> '-changes_feed_loop/0-fun-1-',
> 2}]}}
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [emulator] Error in process <0.117.0> with exit value: {{nocatch,{unauthorized,<<41 b
> ytes>>}},[{couch_db,open,2},{couch_changes,keep_sending_changes,9},{couch_changes,'-handle_changes/3-fun-1-',5},{couch_replic
> ation_manager,'-changes_feed_loop/0-fun-1-',2}]}
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.110.0>] Stopping all ongoing replications because the replicator database was deleted or changed
> I am testing against a trunk build of CouchDB but think I have seen similar behaviour on 1.1.x but hadn't pinned down the cause
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1353) Adding security to the
replication database leads to crashes
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13161578#comment-13161578 ]
Martin Higham commented on COUCHDB-1353:
----------------------------------------
I can add security to _users and as long as _admin is in there everything is fine. It should be possible to restrict access to the replicator database in a similar way without it crashing
> Adding security to the replication database leads to crashes
> ------------------------------------------------------------
>
> Key: COUCHDB-1353
> URL: https://issues.apache.org/jira/browse/COUCHDB-1353
> Project: CouchDB
> Issue Type: Bug
> Components: Replication
> Affects Versions: 1.1.1, 1.2
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If I set Admin and reader security on the replication database the replicator will crash when adding new records to the database with a "not authorised error". It will continue to crash while trying to restart replication and even after a restart
> 1. Create several databases and replication rules - everything works fine
> 2. Add reader security to the replication database
> 3. Insert new document into the replication database. Replication will record the error and stop all replication
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Input :: ["ddoc","_design/_replicator",["valida
> te_doc_update"],[{"_id":"8d158931ac19d99f96f2aad68104aa09","target":"testrep","continuous":true,"source":"http://admin:aaaaa@
> 127.0.0.1:5984/dbz_molly","_revisions":{"start":0,"ids":[]}},null,{"db":"ndz_replicator","name":"admin","roles":["_admin"]},{
> "admins":{"names":[],"roles":["_admin","_replicator"]},"members":{"names":[],"roles":["_admin","_replicator"]}}]]
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Output :: 1
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.12560.0>] 109.150.210.170 - - PUT /ndz_replicator/8d158931ac19d99f96f2aad68104aa09
> 201
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.117.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs Names [] Roles [<<"
> _admin">>,
> <<"_admin">>,
> <<"_replicator">>]
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [<0.110.0>] Replication manager received unexpected message {'EXIT',
> <0.117.0>,
> {{nocatch,
> {unauthorized,
> <<"You are not authorized to access this db.">>}},
> [{couch_db,
> open,
> 2},
> {couch_changes,
> keep_sending_changes,
> 9},
> {couch_changes,
> '-handle_changes/3-fun-1-',
> 5},
> {couch_replication_manager,
> '-changes_feed_loop/0-fun-1-',
> 2}]}}
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [emulator] Error in process <0.117.0> with exit value: {{nocatch,{unauthorized,<<41 b
> ytes>>}},[{couch_db,open,2},{couch_changes,keep_sending_changes,9},{couch_changes,'-handle_changes/3-fun-1-',5},{couch_replic
> ation_manager,'-changes_feed_loop/0-fun-1-',2}]}
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.110.0>] Stopping all ongoing replications because the replicator database was deleted or changed
> I am testing against a trunk build of CouchDB but think I have seen similar behaviour on 1.1.x but hadn't pinned down the cause
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (COUCHDB-1353) Adding security to the replication
database leads to crashes
Posted by "Filipe Manana (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana updated COUCHDB-1353:
-----------------------------------
Affects Version/s: (was: 1.1.1)
> Adding security to the replication database leads to crashes
> ------------------------------------------------------------
>
> Key: COUCHDB-1353
> URL: https://issues.apache.org/jira/browse/COUCHDB-1353
> Project: CouchDB
> Issue Type: Bug
> Components: Replication
> Affects Versions: 1.2
> Environment: Ubuntu
> Reporter: Martin Higham
> Fix For: 1.2
>
>
> If I set Admin and reader security on the replication database the replicator will crash when adding new records to the database with a "not authorised error". It will continue to crash while trying to restart replication and even after a restart
> 1. Create several databases and replication rules - everything works fine
> 2. Add reader security to the replication database
> 3. Insert new document into the replication database. Replication will record the error and stop all replication
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Input :: ["ddoc","_design/_replicator",["valida
> te_doc_update"],[{"_id":"8d158931ac19d99f96f2aad68104aa09","target":"testrep","continuous":true,"source":"http://admin:aaaaa@
> 127.0.0.1:5984/dbz_molly","_revisions":{"start":0,"ids":[]}},null,{"db":"ndz_replicator","name":"admin","roles":["_admin"]},{
> "admins":{"names":[],"roles":["_admin","_replicator"]},"members":{"names":[],"roles":["_admin","_replicator"]}}]]
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.216.0>] OS Process #Port<0.2851> Output :: 1
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.12560.0>] 109.150.210.170 - - PUT /ndz_replicator/8d158931ac19d99f96f2aad68104aa09
> 201
> [Fri, 02 Dec 2011 10:45:36 GMT] [debug] [<0.117.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs Names [] Roles [<<"
> _admin">>,
> <<"_admin">>,
> <<"_replicator">>]
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [<0.110.0>] Replication manager received unexpected message {'EXIT',
> <0.117.0>,
> {{nocatch,
> {unauthorized,
> <<"You are not authorized to access this db.">>}},
> [{couch_db,
> open,
> 2},
> {couch_changes,
> keep_sending_changes,
> 9},
> {couch_changes,
> '-handle_changes/3-fun-1-',
> 5},
> {couch_replication_manager,
> '-changes_feed_loop/0-fun-1-',
> 2}]}}
> [Fri, 02 Dec 2011 10:45:36 GMT] [error] [emulator] Error in process <0.117.0> with exit value: {{nocatch,{unauthorized,<<41 b
> ytes>>}},[{couch_db,open,2},{couch_changes,keep_sending_changes,9},{couch_changes,'-handle_changes/3-fun-1-',5},{couch_replic
> ation_manager,'-changes_feed_loop/0-fun-1-',2}]}
> [Fri, 02 Dec 2011 10:45:36 GMT] [info] [<0.110.0>] Stopping all ongoing replications because the replicator database was deleted or changed
> I am testing against a trunk build of CouchDB but think I have seen similar behaviour on 1.1.x but hadn't pinned down the cause
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira