incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From eric casteleijn <eric.castele...@canonical.com>
Subject The Strange Case of the Overarching Admin Accounts
Date Fri, 04 Sep 2009 17:32:23 GMT
I'm having a problem that is making me doubt my sanity, and I wonder if 
someone can reproduce this or tell me how I'm stupid:

I have a system couchdb server installed, and have added an admin 
account to it with this command:

curl -X PUT http://localhost:5984/_config/admins/thisfred3 -d '"password3"'

That works fine, the admin account is written to /etc/couchdb/local.ini 
with a hashed password as one would expect, and persists between couchdb 
sessions. Wonderful.

Now when I start up a different couchdb server (after stopping the 
system one, but I don't really think that matters.) on a different port, 
with a different (newly created) db_dir and a completely different .ini 
file, like so:

/usr/bin/couchdb -n -a 
/tmp/tmpnLQLQu/xdg_config/desktop-couch/desktop-couchdb.ini -p 
/tmp/tmpnLQLQu/xdg_cache/desktop-couch/desktop-couchdb.pid -o 
/tmp/tmpnLQLQu/xdg_cache/desktop-couch/desktop-couchdb.stdout -e 
/tmp/tmpnLQLQu/xdg_cache/desktop-couch/desktop-couchdb.stderr -b

I can connect to this server, but not create databases or manipulate 
design documents, because it will throw a 401 unauthorized.

Removing the [admins] section from /etc/couchdb/local.ini and trying the 
above command again, will let me happily do anything an admin can do, 
without asking for authentication.

When I ask for the chain, by doing:

/usr/bin/couchdb -n -a 
/tmp/tmpnLQLQu/xdg_config/desktop-couch/desktop-couchdb.ini -c

I get what I'd expect:

/tmp/tmpnLQLQu/xdg_config/desktop-couch/desktop-couchdb.ini

So emphatically *not* /etc/couchdb/local.ini

This looks like it may be a bug, but I'm not 100% sure, so can anyone 
tell me if they see the same behavior, and find it as strange as I do, 
or if I'm just doing it wrong?

-- 
- eric casteleijn
https://launchpad.net/~thisfred
http://www.canonical.com

Mime
View raw message