On 28 Sep 2010, at 18:28, Benoit Chesneau wrote:

> On Tue, Sep 28, 2010 at 6:49 PM, Noah Slater <[email protected]> wrote:
>>
>> On 28 Sep 2010, at 08:10, Benoit Chesneau wrote:
>>
>>> About /var/run vs /var/lib, that just sometimes you gave different
>>> privileges on these folders, giving the possibility to read one or not.
>>> This is not only a question of giving a "state". I'm actually thinking
>>> that we may want to have this info in /tmp path where we save
>>> generally such info. Dbus does this, mysql does this for the socket
>>> (by default) ... /tmp is available for everyone. While /var/run is
>>> working for root apps, it doesn't for apps launched per user.
>>
>> When you install CouchDB, you should configure the /var/run/couchdb
>> directory to be world readable and group/user writable. This keeps it
>> secure, while allowing processes to read from it. I believe this is documented
>> in the README. I don't think the location of world writable sockets is
>> related.
>
> You expect here there will be one couchdb. But you could have a
> couchdb per user. Then you need to distinguish each user. You could of
> course put all these users in /var/run, but this isn't something
> possible on all systems. You don't want /var/run world readable for
> some obvious security reason.

Each CouchDB instance should be configured to use a separate directory:

    /srv/username1/var/run/couchdb
    /srv/username2/var/run/couchdb
    /srv/username3/var/run/couchdb
