[jira] [Comment Edited] (SOLR-7826) Permission issues when creating cores with bin/solr

["Binoy Dalal (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/SOLR-7826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15235549#comment-15235549 ] 

Binoy Dalal edited comment on SOLR-7826 at 4/11/16 5:45 PM:
------------------------------------------------------------

I'm having a bit of an issue with the current implementation so I'll just outline my approach, and state the problem:
1) Detect the user while solr is first started.
2) Pass the user detected in (1) to SolrCLI and the option if any.
3) Perform the user and option check if user=root.
4) Return appropriate message.

I'm facing a problem in step 1 and 2. I am not sure of how to store the detected user so that the next time the script is run, it can find that user. I've tried exporting the variable but that doesn't seem to work without adding the variable to permanent list of environment variables, which I don't think is something that should be done.

Another option that I've thought of is to write the user id to a file like the solr port is written and use that in subsequent script calls for user checking, and delete it once solr is stopped. I think this would be a good approach.

Please advise.

--EDIT--
I've tested out the file creation approach and it works fine.

To recap the requirements, to see if I missed something:
1) If solr is started as root, and user tries to create a core as root then display warning with the option to user.
2) If solr is started as root, and user tries to create a core as root with option, allow creation of core.
3) If solr is started as an unprivileged user and creation of a core is attempted with root, an exception is thrown with the default behaviour (no changes to be made here).

Let me know if I've missed something.

Thanks.


was (Author: binoydalal93@gmail.com):
I'm having a bit of an issue with the current implementation so I'll just outline my approach, and state the problem:
1) Detect the user while solr is first started.
2) Pass the user detected in (1) to SolrCLI and the option if any.
3) Perform the user and option check if user=root.
4) Return appropriate message.

I'm facing a problem in step 1 and 2. I am not sure of how to store the detected user so that the next time the script is run, it can find that user. I've tried exporting the variable but that doesn't seem to work without adding the variable to permanent list of environment variables, which I don't think is something that should be done.

Another option that I've thought of is to write the user id to a file like the solr port is written and use that in subsequent script calls for user checking, and delete it once solr is stopped. I think this would be a good approach.

Please advise.

> Permission issues when creating cores with bin/solr
> ---------------------------------------------------
>
>                 Key: SOLR-7826
>                 URL: https://issues.apache.org/jira/browse/SOLR-7826
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Shawn Heisey
>            Priority: Minor
>              Labels: newdev
>
> Ran into an interesting situation on IRC today.
> Solr has been installed as a service using the shell script install_solr_service.sh ... so it is running as an unprivileged user.
> User is running "bin/solr create" as root.  This causes permission problems, because the script creates the core's instanceDir with root ownership, then when Solr is instructed to actually create the core, it cannot create the dataDir.
> Enhancement idea:  When the install script is used, leave breadcrumbs somewhere so that the "create core" section of the main script can find it and su to the user specified during install.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org