Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 453018 - dev-db/couchdb-1.2.1 - is executed as root
Summary: dev-db/couchdb-1.2.1 - is executed as root
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Dirkjan Ochtman (RETIRED)
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks:
 
Reported: 2013-01-19 18:04 UTC by Mira Ressel
Modified: 2013-05-19 16:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
couchdb_init.patch (couchdb_init.patch,464 bytes, patch)
2013-01-19 18:06 UTC, Mira Ressel 		Details | Diff
couchdb_conf.patch (couchdb_conf.patch,443 bytes, patch)
2013-01-19 18:06 UTC, Mira Ressel 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mira Ressel 2013-01-19 18:04:40 UTC 
Since the update to couchdb's init script with the bump to couchdb-1.2.1, the couchdb daemon is always runs with root privileges. I propose the attached changes to the init script to fix this bug.
Comment 1 Mira Ressel 2013-01-19 18:06:21 UTC 
Created attachment 336146 [details, diff]
couchdb_init.patch
Comment 2 Mira Ressel 2013-01-19 18:06:52 UTC 
Created attachment 336148 [details, diff]
couchdb_conf.patch
Comment 3 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-01-21 12:09:00 UTC 
It looks like you have additional changes in the couchdb_conf.patch (wrt COUCHDB_BEAM) that are unrelated, correct?
Comment 4 Mira Ressel 2013-01-21 19:57:05 UTC 
Yes, you're right, the COUCHDB_BEAM removal is unrelated, I didn't mean to include it. However, there's no point in keeping this variable declaration, as the new init script doesn't need it anymore.
Comment 5 Alexander Shorin 2013-05-02 21:56:02 UTC 
Just tested patch - it works well (with or without COUCHDB_BEAM changes) both on x86 and x86_64 archs. Thanks, Luis! However, after patching there is need to fix permissions for CouchDB directories (/var/{run,lib,log}/couchdb, /etc/couchdb/*) since files there may have root owner and CouchDB will fail to start. 

All these problems are been noticed in stdout, not in CouchDB logs, so if after patching it wouldn't be run, change COUCHDB_STDOUT_FILE output to somewhere to figure what else need to be fixed.
Comment 6 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-05-03 06:36:36 UTC 
Yeah, I incorporated this patch in a 1.3.0 ebuild that I've been testing in my overlay, and changing permissions is a bit annoying. Alexander, can you elaborate on how to deal with the notices about the permissions?

Also, perhaps you could file an upstream bug about noting these things properly in couch.log.
Comment 7 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-05-03 11:47:20 UTC 
I've copied the 1.3.0 from my overlay to gentoo-x86.
Comment 8 Alexander Shorin 2013-05-06 16:28:10 UTC 
> Alexander, can you elaborate on how to deal with the notices about the permissions?
> 
> Also, perhaps you could file an upstream bug about noting these things properly in couch.log.

Dirkjan, I'd dig into the permissions problem and found that CouchDB behavior is ok: he reports about any eaccess problems in logs as he should. In our case he just unable to do this since root is the owner of couch.log file and couchdb user has no write bit for it. This situation might happen after couchdb-1.2.1 clean install or if logrotate refreshes log file in case of regular upgrade. 

There is need to be a bit accurate to notice this issue. After fixing logs, every other problem reported well.

However, I'd found another one very interesting bug that's not related to init script, but is about database files permissions. Will report about it.