Hi Terry, Maybe you can try alternative approaches like putting some proxy in front of Solr and configure it to let only certain URLs. Other option is to define custom update request processor chain that will not include RunUpdateProcessorFactory - that will prevent accidental index updates.
HTH, Emir -- Monitoring - Log Management - Alerting - Anomaly Detection Solr & Elasticsearch Consulting Support Training - http://sematext.com/ > On 6 Mar 2018, at 22:55, Terry Steichen <te...@net-frame.com> wrote: > > Chris, > > Thanks for your suggestion. Restarting solr after an in-memory > corruption is, of course, trivial (compared to rebuilding the indexes). > > Are there any solr directories that MUST be read/write (even with a > pre-built index)? Would it suffice (for my purposes) to make only the > data/index directory R-O? > > Terry > > > On 03/06/2018 04:20 PM, Christopher Schultz wrote: >> Terry, >> >> On 3/6/18 4:08 PM, Terry Steichen wrote: >>> Is it possible to run solr in a read-only directory? >> >>> I'm running it just fine on a ubuntu server which is accessible >>> only through SSH tunneling. At the platform level, this is fine: >>> only authorized users can access it (via a browser on their machine >>> accessing a forwarded port). >> >>> The problem is that it's an all-or-nothing situation so everyone >>> who's authorized access to the platform has, in effect, >>> administrator privileges on solr. I understand that authentication >>> is coming, but that it isn't here yet. (Or, to add complexity, I >>> had to downgrade from 7.2.1 to 6.4.2 to overcome a new bug >>> concerning indexing of eml files, and 6.4.2 definitely doesn't have >>> authentication.) >> >>> Anyway, what I was wondering is if it might be possible to run solr >>> not as me (the administrator), but as a user with lesser privileges >>> so that no one who came through the SSH tunnel could (inadvertently >>> or otherwise) screw up the indexes. >> >> With shell access, the only protection you could provide would be >> through file-permissions. But of course Solr will need to be >> read-write in order to build the index in the first place. So you'd >> probably have to run read-write at first, build the index (perhaps >> that's already been done in the past), then (possibly) restart in >> read-only mode. >> >> Read-only can be achieved by simply revoking write-access to the data >> directories from the euid of the Solr process. Theoretically, you >> could switch from being read-write to read-only merely by changing >> file-permissions... no Solr restarts required. >> >> I'm not sure if it matters to you very much, but a user can still do >> some damage to the index even if the "server" is read-only (through >> file-permissions): they can issue a batch of DELETE or ADD requests >> that will effect the in-memory copies of the index. It might be >> temporary, but it might require that you restart the Solr instance to >> get back to a sane state. >> >> Hope that helps, >> -chris >> >