This is all off the top of my head so it might not be 100% accurate, meaning I 
may have missed something in here.
The location where you installed storm can be world readable; there is nothing 
secret there, but you should not allow anyone to write (simply to avoid 
unfortunate accidents when you are not upgrading the cluster/configs).

The logging directory should be writable by the headless user running your 
daemons.  The storm-local directory also.

If you are running with security it is a bit more complex.
Make sure that the keytabs for the daemons are only readable by the headless 
user that is running storm.  Similarly, if you are using https for the UI and 
logviewer processes, make sure that the keystore is only readable by the 
headless user running storm.

If you are running with the supervisors launching the workers as the user that 
started them, first of all please make sure you are also running in secure mode 
because otherwise the entire world can launch things on your cluster as just 
about any user they want.

The worker launcher executable needs to have setuid/setgid permissions on it.  
The owner needs to be root, and the group needs to be a group that only the 
headless user your topology is running as is in.  It should not be world 
executable.  This grants permission for the supervisor to do things as other 
users.  The config for this file is usually in /etc/storm but could be in other 
places, as it is set at compile time.  It should not be writable by anyone, and 
I think it needs to be owned by root.  worker-launcher will tell you if you got 
it wrong and will refuse to run.  You also want to make sure that the config 
in there for the min user id that it is willing to become is set properly for your 
system.  You don't want to allow storm to launch things as root, or really any 
other system headless user.
The subdirectory under the logging directory called workers-artifacts needs to 
have the sticky bit set on it, although you might not need to do that; I think 
storm will fix it up for you when it creates things.
storm-local should be world executable.  You can make it world readable too, 
but I don't think it matters.  You should not make it writable by anyone but 
the headless storm user though.  The supervisor should be able to fix up the 
rest of the sub directories under it itself.


- Bobby
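The following audit script is an added example and is not part of Apache Storm or of the reply above; it only turns the advice in that reply into checks you can run against an install. It assumes GNU stat (Linux), the conventional layout $STORM_HOME/logs, $STORM_HOME/storm-local and $STORM_HOME/bin/worker-launcher, keytabs and keystores kept under $STORM_HOME/conf as *.keytab and *.jks, a worker-launcher.cfg with a min.user.id key, and 1000 as the lowest acceptable UID (the usual first non-system UID on CentOS; adjust for your site). The two fixture functions build constructed sample trees for the demo; they are test data, not real installs.

```shell
#!/bin/sh
# Added example (not Apache Storm code): audit a Storm install tree against
# the permission advice in the reply above. Prints one FINDING per violation;
# the exit status of storm_perm_audit is the number of findings (0 = clean).
# Assumptions: GNU stat, the layout named in the lead-in, a worker-launcher.cfg
# whose min.user.id key matches Storm's, and 1000 as the lowest sane UID.

mode_of()  { stat -c '%a' "$1"; }
owner_of() { stat -c '%U' "$1"; }
group_of() { stat -c '%G' "$1"; }
# has_bits PATH OCTAL_MASK: true if any bit of the mask is set on PATH
has_bits() { [ $(( 0$(mode_of "$1") & 0$2 )) -ne 0 ]; }
# has_all PATH OCTAL_MASK: true if every bit of the mask is set on PATH
has_all()  { [ $(( 0$(mode_of "$1") & 0$2 )) -eq $(( 0$2 )) ]; }

FINDINGS=0
finding() { echo "FINDING: $*"; FINDINGS=$((FINDINGS + 1)); }

# storm_perm_audit STORM_HOME STORM_USER STORM_GROUP [WORKER_LAUNCHER_CFG]
storm_perm_audit() {
    home=$1; user=$2; group=$3; cfg=${4:-/etc/storm/worker-launcher.cfg}
    FINDINGS=0

    # Install dir: world-readable is fine, but nobody but the owner may write.
    has_bits "$home" 022 && finding "$home is group/world writable"

    # logs and storm-local: owned by the headless user, writable only by it.
    for p in "$home/logs" "$home/storm-local"; do
        if [ ! -d "$p" ]; then finding "$p missing"; continue; fi
        [ "$(owner_of "$p")" = "$user" ] || finding "$p not owned by $user"
        has_bits "$p" 022 && finding "$p writable by group/others"
    done
    # storm-local must be world-executable so workers running as other users
    # can traverse it; workers-artifacts wants the sticky bit.
    if [ -d "$home/storm-local" ] && ! has_bits "$home/storm-local" 001; then
        finding "$home/storm-local not world-executable"
    fi
    p=$home/logs/workers-artifacts
    if [ -d "$p" ] && ! has_bits "$p" 1000; then finding "$p lacks sticky bit"; fi

    # Keytabs and keystores: readable by the headless user only.
    for p in "$home"/conf/*.keytab "$home"/conf/*.jks; do
        [ -e "$p" ] || continue
        [ "$(owner_of "$p")" = "$user" ] || finding "$p not owned by $user"
        has_bits "$p" 077 && finding "$p readable by group/others"
    done

    # worker-launcher: only present when supervisors launch workers as other
    # users. Root-owned, setuid+setgid, restricted group, not world-executable.
    p=$home/bin/worker-launcher
    if [ -e "$p" ]; then
        [ "$(owner_of "$p")" = root ]     || finding "$p not owned by root"
        [ "$(group_of "$p")" = "$group" ] || finding "$p group is not $group"
        has_all "$p" 6000 || finding "$p missing setuid/setgid"
        has_bits "$p" 001 && finding "$p is world-executable"
    fi
    # Its config: root-owned, not writable by anyone else, sane min.user.id.
    if [ -e "$cfg" ]; then
        [ "$(owner_of "$cfg")" = root ] || finding "$cfg not owned by root"
        has_bits "$cfg" 022 && finding "$cfg writable by group/others"
        minuid=$(sed -n 's/^min\.user\.id=//p' "$cfg")
        if [ -z "$minuid" ] || [ "$minuid" -lt 1000 ]; then
            finding "$cfg min.user.id missing or below 1000 (would allow system users)"
        fi
    fi
    return "$FINDINGS"
}

# make_bad_fixture DIR: constructed tree with deliberate mistakes (test data,
# owned by whoever runs the script).
make_bad_fixture() {
    d=$1
    mkdir -p "$d/logs/workers-artifacts" "$d/storm-local" "$d/conf" "$d/bin"
    chmod 777 "$d"                          # anyone can replace the jars
    chmod 755 "$d/logs"
    chmod 755 "$d/logs/workers-artifacts"   # no sticky bit
    chmod 770 "$d/storm-local"              # group-writable, not world-executable
    echo fake-keytab > "$d/conf/nimbus.keytab"
    chmod 644 "$d/conf/nimbus.keytab"       # world-readable credential
    printf '#!/bin/sh\n' > "$d/bin/worker-launcher"
    chmod 755 "$d/bin/worker-launcher"      # not setuid, world-executable
    printf 'storm.worker-launcher.group=storm\nmin.user.id=0\n' > "$d/worker-launcher.cfg"
    chmod 666 "$d/worker-launcher.cfg"      # world-writable, would allow uid 0
}

# make_good_fixture DIR: the same tree laid out as the reply recommends
# (no worker-launcher, i.e. not launching workers as other users).
make_good_fixture() {
    d=$1
    mkdir -p "$d/logs/workers-artifacts" "$d/storm-local" "$d/conf"
    chmod 755 "$d" "$d/logs" "$d/storm-local"
    chmod 1755 "$d/logs/workers-artifacts"
    echo fake-keytab > "$d/conf/nimbus.keytab"
    chmod 400 "$d/conf/nimbus.keytab"
}

# Demo on the constructed bad tree. Real use looks like:
#   storm_perm_audit /opt/storm storm storm /etc/storm/worker-launcher.cfg
tmp=$(mktemp -d)
make_bad_fixture "$tmp/storm"
rc=0; storm_perm_audit "$tmp/storm" "$(id -un)" storm "$tmp/storm/worker-launcher.cfg" || rc=$?
echo "findings: $rc"
rm -rf "$tmp"
```

Run it as the storm user (or root) against the real $STORM_HOME; a non-zero exit status plus the FINDING lines tells you which of the points above still need fixing, and the ownership checks on worker-launcher and its config can only pass once those files really belong to root.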


On Monday, August 7, 2017, 12:45:21 PM CDT, I PVP <i...@hotmail.com> wrote:

What are the linux file access permission best practices for the $STORM_HOME 
and subfolders?
I am running Storm 1.1.1 under the storm:storm (user:group) on CentOS.
Thanks
IPVP
