-----BEGIN PGP SIGNED MESSAGE-----
On 3/6/18 4:55 PM, Terry Steichen wrote:
> Thanks for your suggestion. Restarting solr after an in-memory
> corruption is, of course, trivial (compared to rebuilding the
> Are there any solr directories that MUST be read/write (even with
> a pre-built index)? Would it suffice (for my purposes) to make
> only the data/index directory R-O?
I installed Solr for the first time 2 weeks ago, so I'm not a great
resource, here. But I've used Lucene in the past and the on-disk
storage is basically the same AFAICT.
When starting with a expand-the-tarball-and-just-go-for-it deployment
model, I'd probably make sure that the server/solr directory and
everything below it was non-writable by the Solr-user.
Obviously, once you have set this up in a test lab, just try to break
it and see what happens :)
> On 03/06/2018 04:20 PM, Christopher Schultz wrote:
>> On 3/6/18 4:08 PM, Terry Steichen wrote:
>>> Is it possible to run solr in a read-only directory?
>>> I'm running it just fine on a ubuntu server which is
>>> accessible only through SSH tunneling. At the platform level,
>>> this is fine: only authorized users can access it (via a
>>> browser on their machine accessing a forwarded port).
>>> The problem is that it's an all-or-nothing situation so
>>> everyone who's authorized access to the platform has, in
>>> effect, administrator privileges on solr. I understand that
>>> authentication is coming, but that it isn't here yet. (Or, to
>>> add complexity, I had to downgrade from 7.2.1 to 6.4.2 to
>>> overcome a new bug concerning indexing of eml files, and 6.4.2
>>> definitely doesn't have authentication.)
>>> Anyway, what I was wondering is if it might be possible to run
>>> solr not as me (the administrator), but as a user with lesser
>>> privileges so that no one who came through the SSH tunnel could
>>> (inadvertently or otherwise) screw up the indexes.
>> With shell access, the only protection you could provide would
>> be through file-permissions. But of course Solr will need to be
>> read-write in order to build the index in the first place. So
>> you'd probably have to run read-write at first, build the index
>> (perhaps that's already been done in the past), then (possibly)
>> restart in read-only mode.
>> Read-only can be achieved by simply revoking write-access to the
>> data directories from the euid of the Solr process.
>> Theoretically, you could switch from being read-write to
>> read-only merely by changing file-permissions... no Solr restarts
>> I'm not sure if it matters to you very much, but a user can still
>> do some damage to the index even if the "server" is read-only
>> (through file-permissions): they can issue a batch of DELETE or
>> ADD requests that will effect the in-memory copies of the index.
>> It might be temporary, but it might require that you restart the
>> Solr instance to get back to a sane state.
>> Hope that helps, -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----