You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2018/09/14 10:14:13 UTC
[GitHub] janl opened a new pull request #1602: Remove runtime
configurability of core system components
janl opened a new pull request #1602: Remove runtime configurability of core system components
URL: https://github.com/apache/couchdb/pull/1602
## Overview
In the 1.x era of CouchDB, many parts of the core systems were managed via the config system. This is mostly due to in the early days, no good standard patterns for what Erlang apps looked like were obvious. This has changed now.
In addition, being able to change core parts of the database, including what code modules to load when and where, and which OS binaries to run when and where, opened us up to [a](
http://docs.couchdb.org/en/stable/cve/2017-12635.html) [set](
http://docs.couchdb.org/en/stable/cve/2017-12636.html) of [security](
http://docs.couchdb.org/en/stable/cve/2018-11769.html) [vulnerabilities](
http://docs.couchdb.org/en/stable/cve/2018-8007.html), that we want to close once and for all with this PR by no longer allowing runtime configuration of core system parts.
Specifically:
- `daemons`
- `[httpd] default_handler`
-`httpd_global_handlers`
-`httpd_db_handlers`
-`httpd_design_handlers`
- `vhost_global_handlers`
- `redirect_vhost_handler`
- `os_daemons`
- `query_servers`
- `native_query_servers`
This patch retains the ability to configure an existing CouchDB installation to, say, add a third party query server, but it’ll require console access to the server and restarting CouchDB from said console.
* * *
## Details
CouchDB ships with two default query_servers (javascript and coffeescript)
as well as one default native_query_server (query aka mango). These used
to be configured in default.ini in these sections:
```
[query_servers]
javascript = {{prefix}}/bin/couchjs {{prefix}}/share/server/main.js
coffeescript = {{prefix}}/bin/couchjs {{prefix}}/share/server/main-coffee.js
; enable mango query engine
[native_query_servers]
query = {mango_native_proc, start_link, []}
; erlang query server
; erlang = {couch_native_process, start_link, []}
```
This allowed end-users post-install and even runtime-changes to which
query servers are enabled and where their binaries live.
This patch changes things, so only a post-install, but not at-runtime
changes are possible from now on.
This still allows people to configure their CouchDB to run a third-
party query server like the somewhat popular Python query server,
but it changes the way the setup is done.
Query Servers
The javascript and coffeescript query servers continue to be enabled
by default. Setup differences have been moved from default.ini to
the couchdb and couchdb.cmd start scripts respectively.
Additional query servers can now be configured using environment
variables:
```
export COUCHDB_QUERY_SERVER_PYTHON="/path/to/python/query/server.py with args"
couchdb
```
Where the last segment in the environment variable matches the usual
lowercase(!) query language in the design doc `language` field.
Multiple query servers can be configured by using more environment
variables.
Native Query Servers
The mango query server continues to be enabled by default. The erlang
query server continues to be disabled by default. This patch adds
a `[native_query_servers] enable_erlang_query_server = BOOL` setting
(defaults to `"false"`) to enable the erlang query server.
If the legacy configuration for enabling the query server is detected,
that is counted as a `true` setting as well, so existing configurations
continue to work just fine.
Windows
Since the setting of the `./configure` time `PREFIX` happens during
`make release`, I had to adapt the `couchdb` and `couchdb.cmd` scripts
to have the correct env vars set and the `PREFIX` replaced there.
I did this to the best of my abilities and research, but this needs
review from the Windows team (Hi Joan! :).
OS Daemons
Although deprecated in 2.2.0, we’re keeping support for this until 3.x,
but the configuration changes analogous to query servers.
Previously, configuration looked like this:
```
[os_daemons]
name = /path/to/daemon with args
```
With this patch, setup looks like this:
```
COUCHDB_OS_DAEMON_NAME="/path/to/daemon with args"
couchdb
```
Multiple OS Daemons can be started with multiple env vars. The final
segment in the env var becomes the daemon identifier inside CouchDB
as lowercase(!).
## Testing recommendations
`make check` as well as following the instructions above for configuring third party query servers and/or `os_daemons` as well as enabling the erlang query server.
## Checklist
- [x] Code is written and works correctly;
- [x] Changes are covered by tests;
- [x] Documentation reflects the changes;
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services