You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ja...@apache.org on 2016/09/27 07:24:08 UTC

lucene-solr:master: SOLR-9547: Do not allow bin/solr start as root user (unless -force param specified)

Repository: lucene-solr
Updated Branches:
  refs/heads/master c1553c20f -> 6b28af0c7


SOLR-9547: Do not allow bin/solr start as root user (unless -force param specified)


Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/6b28af0c
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/6b28af0c
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/6b28af0c

Branch: refs/heads/master
Commit: 6b28af0c7d779f07ba543f7fbf58f485d5038153
Parents: c1553c2
Author: Jan H�ydahl <ja...@apache.org>
Authored: Tue Sep 27 09:24:00 2016 +0200
Committer: Jan H�ydahl <ja...@apache.org>
Committed: Tue Sep 27 09:24:00 2016 +0200

----------------------------------------------------------------------
 solr/CHANGES.txt |  2 ++
 solr/bin/solr    | 13 +++++++++++++
 2 files changed, 15 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/6b28af0c/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 7bb8688..df0388f 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -198,6 +198,8 @@ Other Changes
 
 * SOLR-9548: The beginning of solr.log now starts with a more informative welcome message (janhoy)
 
+* SOLR-9547: Do not allow bin/solr start as root user, unless -force param specified (janhoy)
+
 ==================  6.2.1 ==================
 
 Bug Fixes

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/6b28af0c/solr/bin/solr
----------------------------------------------------------------------
diff --git a/solr/bin/solr b/solr/bin/solr
index 2ef480a..71e8f65 100755
--- a/solr/bin/solr
+++ b/solr/bin/solr
@@ -1049,6 +1049,7 @@ fi
 
 # Run in foreground (default is to run in the background)
 FG="false"
+FORCE=false
 noprompt=false
 SOLR_OPTS=($SOLR_OPTS)
 PASS_TO_RUN_EXAMPLE=
@@ -1174,6 +1175,10 @@ if [ $# -gt 0 ]; then
             stop_all=true
             shift
         ;;
+        -force)
+            FORCE=true
+            shift
+        ;;
         --)
             shift
             break
@@ -1298,6 +1303,14 @@ if [ -z "$STOP_PORT" ]; then
   STOP_PORT=`expr $SOLR_PORT - 1000`
 fi
 
+if [ "$SCRIPT_CMD" == "start" ] || [ "$SCRIPT_CMD" == "restart" ] ; then
+  if [[ "$(whoami)" == "root" ]] && [[ "$FORCE" == "false" ]] ; then
+    echo "WARNING: Starting Solr as the root user is a security risk and not considered best practice. Exiting."
+    echo "         Please consult the Reference Guide. To override this check, start with argument '-force'"
+    exit 1
+  fi
+fi
+
 if [[ "$SCRIPT_CMD" == "start" ]]; then
   # see if Solr is already running
   SOLR_PID=`solr_pid_by_port "$SOLR_PORT"`