You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sdap.apache.org by fg...@apache.org on 2018/09/10 23:21:52 UTC
[incubator-sdap-nexus] branch master updated: SDAP-138 Permission
Denied Solr Image (#29)
This is an automated email from the ASF dual-hosted git repository.
fgreg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-sdap-nexus.git
The following commit(s) were added to refs/heads/master by this push:
new a763077 SDAP-138 Permission Denied Solr Image (#29)
a763077 is described below
commit a7630779a6c048f0c614d240f65557d2ce1e05ab
Author: fgreg <fg...@gmail.com>
AuthorDate: Mon Sep 10 16:21:50 2018 -0700
SDAP-138 Permission Denied Solr Image (#29)
* Fixing the permissions issues for solr singlenode.
The image still runs as the `solr` user but now `solr` has been given permission to use sudo to `cp` and `chown` the `${SOLR_HOME}/nexustiles` directory. Tested locally on Mac, a linux server, and a linux server running kubernetes.
---
docker/solr-single-node/Dockerfile | 3 ++-
docker/solr-single-node/create-core.sh | 4 ++--
docker/solr/Dockerfile | 4 ++--
docs/quickstart.rst | 2 +-
4 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/docker/solr-single-node/Dockerfile b/docker/solr-single-node/Dockerfile
index c78866a..87d4c9a 100644
--- a/docker/solr-single-node/Dockerfile
+++ b/docker/solr-single-node/Dockerfile
@@ -20,7 +20,8 @@ MAINTAINER Apache SDAP "dev@sdap.apache.org"
USER root
COPY create-core.sh /docker-entrypoint-initdb.d/create-core.sh
-RUN chown ${SOLR_USER}:${SOLR_GROUP} /docker-entrypoint-initdb.d/create-core.sh
+RUN echo "${SOLR_USER} ALL=(ALL) NOPASSWD: /usr/bin/cp -r /tmp/nexustiles/* ${SOLR_HOME}/nexustiles/" >> /etc/sudoers && \
+ echo "${SOLR_USER} ALL=(ALL) NOPASSWD: /usr/bin/chown -R ${SOLR_USER}\:${SOLR_GROUP} ${SOLR_HOME}/nexustiles" >> /etc/sudoers
USER ${SOLR_USER}
VOLUME ${SOLR_HOME}/nexustiles
diff --git a/docker/solr-single-node/create-core.sh b/docker/solr-single-node/create-core.sh
index 49a0daa..1520b6a 100755
--- a/docker/solr-single-node/create-core.sh
+++ b/docker/solr-single-node/create-core.sh
@@ -19,7 +19,7 @@ set -ex
SOLR_HOME=${SOLR_HOME:=/opt/solr/server/solr/}
mkdir -p ${SOLR_HOME}/nexustiles
-cp -r /tmp/nexustiles/* ${SOLR_HOME}/nexustiles/
-chown -R ${SOLR_USER}:${SOLR_GROUP} ${SOLR_HOME}/nexustiles
+sudo cp -r /tmp/nexustiles/* ${SOLR_HOME}/nexustiles/
+sudo chown -R ${SOLR_USER}:${SOLR_GROUP} ${SOLR_HOME}/nexustiles
set +x
diff --git a/docker/solr/Dockerfile b/docker/solr/Dockerfile
index 3fd96f7..caad8bb 100644
--- a/docker/solr/Dockerfile
+++ b/docker/solr/Dockerfile
@@ -17,11 +17,11 @@ MAINTAINER Apache SDAP "dev@sdap.apache.org"
USER root
-ENV SOLR_HOME=/opt/solr/server/solr/
+ENV SOLR_HOME=/opt/solr/server/solr
RUN cd / && \
apt-get update && \
- apt-get -y install git && \
+ apt-get -y install git sudo && \
rm -rf /var/lib/apt/lists/* && \
git clone https://github.com/apache/incubator-sdap-nexus.git && \
cp -r /incubator-sdap-nexus/data-access/config/schemas/solr/nexustiles /tmp/nexustiles && \
diff --git a/docs/quickstart.rst b/docs/quickstart.rst
index 3f53dd5..5136dcc 100644
--- a/docs/quickstart.rst
+++ b/docs/quickstart.rst
@@ -233,7 +233,7 @@ The ningester docker image runs a batch job that will ingest one granule. Here,
for g in `ls ${DATA_DIRECTORY} | awk "{print $1}"`
do
- docker run -d --name $(echo avhrr_$g | cut -d'-' -f 1) --network sdap-net -v ${NINGESTER_CONFIG}:/config/ -v ${DATA_DIRECTORY}/${g}:/data/${g} sdap/ningester:${VERSION} docker,solr,cassandra
+ docker run -d --name $(echo avhrr_$g | cut -d'-' -f 1) --network sdap-net -v ${NINGESTER_CONFIG}:/home/ningester/config/ -v ${DATA_DIRECTORY}/${g}:/home/ningester/data/${g} sdap/ningester:${VERSION} docker,solr,cassandra
sleep 60
done