Roman Kosenko created SOLR-14585:
------------------------------------
Summary: Check the current user in SysV init script
Key: SOLR-14585
URL: https://issues.apache.org/jira/browse/SOLR-14585
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: scripts and tools
Affects Versions: 8.5.2
Reporter: Roman Kosenko
Attachments: init.d-solr.diff
While SOLR-14410 is still open I propose a quick fix/improvement for init.d
script - check the current user and, if it is the same as RUNAS user, then
don't execute "su".
Background:
Systemd has backward compatibility with SysV and able to run scripts from
/etc/init.d, but SELinux policies in many distros encourage changing user
before this stage and prohibits executing of "su" binary, so it would be
logical to do this at systemd level
(/etc/systemd/system/solr.service.d/override.conf). In this case, the current
init.d script for Solr is missing one very trivial check - `"$RUNAS" !=
"$USER"`. See the diff-file in the attachment.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
