Manybubbles has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/221647

Change subject: Update installation instructions
......................................................................

Update installation instructions

Make sure to call out dynamic scripting and that we're working towards not
needing it any more.

Change-Id: I0618fddfb19046a513823b69741999bca8a756d3
---
M README
M elasticsearch.yml
2 files changed, 15 insertions(+), 6 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CirrusSearch 
refs/changes/47/221647/1

diff --git a/README b/README
index 68fcbf8..1bfa7c0 100644
--- a/README
+++ b/README
@@ -3,13 +3,12 @@
 
 Installation
 ------------
-Get Elasticsearch up and running somewhere.  1.3.2 and above are all fine.
+Get Elasticsearch up and running somewhere.  1.3.2 and above are all fine 
though soon it'll be 1.6+.
 
-Optional: CirrusSearch makes use of sandboxed dynamic scripts in 
Elasticsearch.  For most
-functions the sandbox is fine but some advanced features (source regular 
expression search)
-require relaxing the sandbox some.  To do this add the contents of 
elasticsearch.yml located
-in this directory to the elasticsearch.yml that came with Elasticsearch and 
restart
-Elasticsearch.
+CirrusSearch still uses dynamic scripts. Its very close to not needing them 
any more - probably by
+August 2015 it won't. Anyway, for now you'll have to reenable dynamic 
scripting in Elasticsearch. Do
+that by adding the contents of the elasticsearch.yml file in this directory to 
the elasticsearch.yml
+file that comes with your installation.
 
 Place the CirrusSearch extension in your extensions directory.
 Make sure you have the curl php library installed (sudo apt-get install 
php5-curl in Debian.)
diff --git a/elasticsearch.yml b/elasticsearch.yml
index 98bd6bc..bf5c6d4 100644
--- a/elasticsearch.yml
+++ b/elasticsearch.yml
@@ -1,3 +1,13 @@
+##
+# Turn dynamic scripting back on
+##
+# CirrusSearch needs dynamic scripting currently.
+script.disable_dynamic: false
+## But turning dynamic scripting on is a security vulnerability if the server
+## is accessible to the world. Turn off global accessibility.
+network.host: "127.0.0.1"
+
+
 # The default sandbox for Groovy is too restrictive for Cirrus.  This adds a
 # few more allowed invocations.
 script.groovy.sandbox.class_whitelist:

-- 
To view, visit https://gerrit.wikimedia.org/r/221647
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0618fddfb19046a513823b69741999bca8a756d3
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CirrusSearch
Gerrit-Branch: master
Gerrit-Owner: Manybubbles <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to