Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 4504 invoked from network); 4 Sep 2009 20:12:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 4 Sep 2009 20:12:00 -0000 Received: (qmail 90819 invoked by uid 500); 4 Sep 2009 20:11:59 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 90745 invoked by uid 500); 4 Sep 2009 20:11:59 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 90735 invoked by uid 99); 4 Sep 2009 20:11:59 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Sep 2009 20:11:59 +0000 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=WEIRD_PORT X-Spam-Check-By: apache.org Received: from [140.211.11.9] (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with SMTP; Fri, 04 Sep 2009 20:11:56 +0000 Received: (qmail 4017 invoked by uid 99); 4 Sep 2009 20:11:36 -0000 Received: from localhost.apache.org (HELO [192.168.0.6]) (127.0.0.1) (smtp-auth username kocolosk, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Sep 2009 20:11:36 +0000 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes Mime-Version: 1.0 (Apple Message framework v1075.2) Subject: Re: The Strange Case of the Overarching Admin Accounts From: Adam Kocoloski In-Reply-To: <4AA14F27.9020603@canonical.com> Date: Fri, 4 Sep 2009 16:11:34 -0400 Content-Transfer-Encoding: 7bit Message-Id: <60338A79-8193-4FDD-B73F-A3AA09082CA5@apache.org> References: <4AA14F27.9020603@canonical.com> To: user@couchdb.apache.org X-Mailer: Apple Mail (2.1075.2) X-Virus-Checked: Checked by ClamAV on apache.org On Sep 4, 2009, at 1:32 PM, eric casteleijn wrote: > I'm having a problem that is making me doubt my sanity, and I wonder > if someone can reproduce this or tell me how I'm stupid: > > I have a system couchdb server installed, and have added an admin > account to it with this command: > > curl -X PUT http://localhost:5984/_config/admins/thisfred3 -d > '"password3"' > > That works fine, the admin account is written to /etc/couchdb/ > local.ini with a hashed password as one would expect, and persists > between couchdb sessions. Wonderful. > > Now when I start up a different couchdb server (after stopping the > system one, but I don't really think that matters.) on a different > port, with a different (newly created) db_dir and a completely > different .ini file, like so: > > /usr/bin/couchdb -n -a /tmp/tmpnLQLQu/xdg_config/desktop-couch/ > desktop-couchdb.ini -p /tmp/tmpnLQLQu/xdg_cache/desktop-couch/ > desktop-couchdb.pid -o /tmp/tmpnLQLQu/xdg_cache/desktop-couch/ > desktop-couchdb.stdout -e /tmp/tmpnLQLQu/xdg_cache/desktop-couch/ > desktop-couchdb.stderr -b > > I can connect to this server, but not create databases or manipulate > design documents, because it will throw a 401 unauthorized. > > Removing the [admins] section from /etc/couchdb/local.ini and trying > the above command again, will let me happily do anything an admin > can do, without asking for authentication. > > When I ask for the chain, by doing: > > /usr/bin/couchdb -n -a /tmp/tmpnLQLQu/xdg_config/desktop-couch/ > desktop-couchdb.ini -c > > I get what I'd expect: > > /tmp/tmpnLQLQu/xdg_config/desktop-couch/desktop-couchdb.ini > > So emphatically *not* /etc/couchdb/local.ini > > This looks like it may be a bug, but I'm not 100% sure, so can > anyone tell me if they see the same behavior, and find it as strange > as I do, or if I'm just doing it wrong? Hi Eric, I tried to reproduce this on the 0.10.x branch, but couldn't. Things worked as expected for me. Best of luck, Adam