On Wednesday, 22 August 2012 00:20:01 UTC+2, Laszlo Boszormenyi (GCS) wrote: > On Fri, 2012-07-27 at 22:55 +0200, Julien Cristau wrote: > > > On Thu, Jul 19, 2012 at 23:43:56 +0000, Laszlo Boszormenyi (GCS) wrote: > > > > On new installs /var/run/couchdb is created to store the pidfile in, but > > > > as root:root . Then the couchdb user can't store its pid there, due to > > > > owner problems. Filed as important, but can be RC as couchdb fails to > > > > start if can't store the pidfile. > > > > The fix is oneliner: > > > > +++ couchdb-1.2.0/etc/init/couchdb.tpl.in > > > > mkdir -p "$RUN_DIR" > > > > + chown -R "$COUCHDB_USER" "$RUN_DIR" > > > > command="$COUCHDB -b" > > > > > > > Can't the pidfile be written to before dropping privs? chown -R feels > > > rather ick, I can't see why the -R should be necessary and I can see a > > > few ways it could be bad. > > Agree, -R can be problematic. What about > > [ -d "$RUN_DIR" ] || (mkdir -p "$RUN_DIR"; chown "$COUCHDB_USER" $RUN_DIR") > > ? It would change ownership only at creation time, own that dir only to > > $COUCHDB_USER . Doesn't change anything below that directory and in > > fact, after its creation it'll be empty anyway. > > > > Laszlo/GCS > > > > > > -- > > To UNSUBSCRIBE, email to [email protected] > > with a subject of "unsubscribe". Trouble? Contact [email protected]
Laszlo, It would be great to submit this upstream to CouchDB so we can get it addressed for 1.3.0. Are you OK to log a JIRA ticket for this? Thanks Dave [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
