Thanks for your suggestion. Restarting solr after an in-memory
corruption is, of course, trivial (compared to rebuilding the indexes).
Are there any solr directories that MUST be read/write (even with a
pre-built index)? Would it suffice (for my purposes) to make only the
data/index directory R-O?
On 03/06/2018 04:20 PM, Christopher Schultz wrote:
> On 3/6/18 4:08 PM, Terry Steichen wrote:
> > Is it possible to run solr in a read-only directory?
> > I'm running it just fine on a ubuntu server which is accessible
> > only through SSH tunneling. At the platform level, this is fine:
> > only authorized users can access it (via a browser on their machine
> > accessing a forwarded port).
> > The problem is that it's an all-or-nothing situation so everyone
> > who's authorized access to the platform has, in effect,
> > administrator privileges on solr. I understand that authentication
> > is coming, but that it isn't here yet. (Or, to add complexity, I
> > had to downgrade from 7.2.1 to 6.4.2 to overcome a new bug
> > concerning indexing of eml files, and 6.4.2 definitely doesn't have
> > authentication.)
> > Anyway, what I was wondering is if it might be possible to run solr
> > not as me (the administrator), but as a user with lesser privileges
> > so that no one who came through the SSH tunnel could (inadvertently
> > or otherwise) screw up the indexes.
> With shell access, the only protection you could provide would be
> through file-permissions. But of course Solr will need to be
> read-write in order to build the index in the first place. So you'd
> probably have to run read-write at first, build the index (perhaps
> that's already been done in the past), then (possibly) restart in
> read-only mode.
> Read-only can be achieved by simply revoking write-access to the data
> directories from the euid of the Solr process. Theoretically, you
> could switch from being read-write to read-only merely by changing
> file-permissions... no Solr restarts required.
> I'm not sure if it matters to you very much, but a user can still do
> some damage to the index even if the "server" is read-only (through
> file-permissions): they can issue a batch of DELETE or ADD requests
> that will effect the in-memory copies of the index. It might be
> temporary, but it might require that you restart the Solr instance to
> get back to a sane state.
> Hope that helps,