This is all off the top of my head so it might not be 100% accurate, meaning I 
may have missed something in here.
The location that you installed storm can be world readable, there is nothing 
secret here, but you should not allow anyone to write (simply to avoid 
unfortunate accidents when you are not upgrading the cluster/configs).

The logging directory should be writable by the headless user running your 
daemons.  The storm-local directory also.

If you are running with security it is a bit more complex.
Make sure that the keytabs for the daemons are only readable by the headless 
user that is running storm.  Similarly if you are using https for the UI and 
logviewer processes.  Make sure again that keystore is only readable by the 
headless user running storm.

If you are running with the supervisors launching the workers as the user that 
started them, first of all please make sure you are also running in secure mode 
because otherwise the entire world can launch things on your cluster as just 
about any user they want.

The worker launcher executable needs to have setuid/setgid permissions on it.  
The owner needs to be root, and the group needs to be a group that only the 
headless user your topology is running as is in.  It should not be world 
executable.  This grants permission for the supervisor to do things as other 
users.  The config for this file usually in /etc/storm but could be in other 
places as it is set at compile time.  it should not be writable by anyone, and 
I think it needs to be owned by root.  worker-launcher will tell you if you got 
it wrong and will refuse to run.  You also want to make sure that the configs 
in there for min user id that it is willing to become is set properly for your 
system.  You don't want to allow storm to launch things as root, or really any 
other system headless user. 
The subdirectory under the logging directory called workers-artifacts needs to 
have the sticky bit set on it, although you might not need to, I think storm 
will fix it up for you when it creates things.
storm-local should be world executable.  You can make it world readable too, 
but I don't think it matters.  You should not make it writable by anyone but 
the headless storm user though.  The supervisor should be able to fix up the 
rest of the sub directories under it itself.

- Bobby

On Monday, August 7, 2017, 12:45:21 PM CDT, I PVP <> wrote:

#yiv3472441949 body{font-family:Helvetica, Arial;font-size:13px;}What are the 
linux file access permission best practices for the $STORM_HOME  and subfolders 
I am running Storm 1.1.1 under the  storm:storm (user:group)  on Centos .

Reply via email to