couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From eric casteleijn <eric.castele...@canonical.com>
Subject Re: "Personal" Couch DB.
Date Fri, 26 Jun 2009 08:55:38 GMT
Brian Candler wrote:
> On Wed, Jun 24, 2009 at 07:55:36AM -0400, Elliot Murphy wrote:
>> In fact, this effort to run a CouchDB for every single user account on a  
>> computer
> 
> Interesting. A few questions:
Hi Brian,

Elliot's on holiday, so I'm going to be presumptious and respond in his 
stead. I hope I don't say anything too far from the truth.

> (1) What stops user A from accessing user B's data? Will this be done with
> HTTP authentication?
> 
> Perhaps in this context it might make more sense to use a Unix domain
> socket, but then again, nobody talks HTTP over those :-(

We've thought about using sockets, and while that would be a good way to 
do it, it would also mean a lot of work making HTTP client libraries 
work with that.

We think this could be more easily solved by having authorization in 
CouchDB, and we're talking with Jan and Chris about adding OAuth to CouchDB.

OAuth is a good candidate since it's explicitly meant for authenticating 
applications with servers over HTTP, so it's a good fit for our use 
case, where the server happens to live on the same machine, but also a 
good fit for talking to CouchDB on a remote server.

> (2) Is the per-user Erlang/CouchDB process going to be started when the user
> logs into the graphical desktop (gdm/kdm?)
> 
> What about having a single system-wide CouchDB instance instead of spawning
> a new Erlang VM for each user? Then at least, if I log into my home machine
> via ssh (while not logged into the console), the service would still be
> there.

For Ubuntu, the per-user process will be started up by being prompted 
from a DBUS service.  We're making a DBUS service that handles getting 
OAuth credentials from the Gnome keyring and ensuring that the user's 
CouchDB is running.

We thought about having a system-wide CouchDB, and having separate 
databases for each user.  This is hard, though, because we want to have 
the database files be in each user's home directory, so that they get 
backed-up and so on in a way that users expect.  We also don't want to 
run CouchDB as root.  So, we're setting things up with one CouchDB 
server per user.

It would be easy to set up CouchDB to be running all the time, for users 
who want that.  We need to make sure it doesn't affect the whole 
system's start-up and log in time, though, so that makes starting 
CouchDB on demand more attractive.

Hope this helps,

-- 
- eric casteleijn
http://www.canonical.com

Mime
View raw message