You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Shawn Heisey (JIRA)" <ji...@apache.org> on 2016/11/11 15:56:58 UTC

[jira] [Commented] (SOLR-9754) No shell specified in the su call

    [ https://issues.apache.org/jira/browse/SOLR-9754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15657395#comment-15657395 ] 

Shawn Heisey commented on SOLR-9754:
------------------------------------

The service install script creates the solr user with the system standard shell, not /bin/false.  I think it also creates that user such that it would be unable to log in (on Linux, the user gets an asterisk in the password field, not an empty value or a valid hash), regardless of the shell assigned.

The shebang in bin/solr is "/usr/bin/env bash" ... not "/bin/sh" ... so if we were to implement your idea, I think we should use the same value that the bin/solr script does.  Although it's highly unlikely that /bin/sh will be absent, using that value does represent another potential dependency that running directly with bin/solr does not impose.


> No shell specified in the su call
> ---------------------------------
>
>                 Key: SOLR-9754
>                 URL: https://issues.apache.org/jira/browse/SOLR-9754
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 5.5.3
>         Environment: Ubuntu Linux 16.04 LTS
>            Reporter: Anton Boritskiy
>
> The tarball version downloaded from [here|http://www.apache.org/dyn/closer.lua/lucene/solr/5.5.3]
> has problem inside the {{bin/init.d/solr}} file.
> the very last lines of the file look like 
> {code}
> ...
> if [ -n "$RUNAS" ]; then
>   su -c "SOLR_INCLUDE=\"$SOLR_ENV\" \"$SOLR_INSTALL_DIR/bin/solr\" $SOLR_CMD" - "$RUNAS"
> else
>   SOLR_INCLUDE="$SOLR_ENV" "$SOLR_INSTALL_DIR/bin/solr" "$SOLR_CMD"
> fi
> {code}
> the solr sturt up just breaks when {{solr}} user has {{/bin/false}} shell assigned to it.
> Suggested change is to make that file look like 
> {code}
> ...
> if [ -n "$RUNAS" ]; then
>   su -s "/bin/sh" -c "SOLR_INCLUDE=\"$SOLR_ENV\" \"$SOLR_INSTALL_DIR/bin/solr\" $SOLR_CMD" - "$RUNAS"
> else
>   SOLR_INCLUDE="$SOLR_ENV" "$SOLR_INSTALL_DIR/bin/solr" "$SOLR_CMD"
> fi
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org