couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Shorin (JIRA)" <>
Subject [jira] [Commented] (COUCHDB-2638) CouchDB should not be writing /etc/couchdb/local.ini
Date Sun, 15 Mar 2015 11:25:38 GMT


Alexander Shorin commented on COUCHDB-2638:

Well, this isn't a workaround, but an installation requirement. Most of other services are
as well requires to restart after manual config file edit or provides similar API to change/reload
config without stop. The reload feature comes with 2.0 release and with it read-only for CouchDB
process configuration makes a sense. As for 1.x, those admins have to continuously restart
a server after config update or use /_config API to apply every changes on the fly. Pretty
sure they'll pick the second way. Anyway, that's bikeshedding topic.

I'll recommend to keep this issue open to prove that CouchDB 2.0 is able to work with read-only
configs and able to reload them while gracefully handle eaccess errors. As for 1.x there is
nothing to do.

> CouchDB should not be writing /etc/couchdb/local.ini
> ----------------------------------------------------
>                 Key: COUCHDB-2638
>                 URL:
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>            Reporter: Yuri
>             Fix For: 2.0.0
> I am getting such messages in log on FreeBSD:
> > Could not write config file /usr/local/etc/couchdb/local.ini: permission denied
> The problem is that CoachDB supplies the original copy of local.ini, and it is treated
as a template for this configuration file. It is placed into /usr/local/etc/couchdb/local.ini.sample,
and its copy is placed into /usr/local/etc/couchdb/local.ini. Everything under /etc is what
admin configures. Ideally admin can compare local.ini and local.ini.sample and see if anything
in default configuration was modified compared to the suggested sample.
> When the executable itself modifies local.ini too, this makes it very confusing. Admin
will be confused if he should or shouldn't touch this file.
> My suggestion is that CouchDB should copy local.ini under /var/db/, or somewhere else,
and write it there. /etc isn't supposed to be writable by the process.

This message was sent by Atlassian JIRA

View raw message