Admin users in the system couchdb are inherited by desktopcouch couchdbs

Bug #424330 reported by Eric Casteleijn on 2009-09-04
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
CouchDB
Invalid
Undecided
Eric Casteleijn
desktopcouch
High
Eric Casteleijn
couchdb (Ubuntu)
Undecided
Elliot Murphy
Karmic
Undecided
Elliot Murphy

Bug Description

Because of the way desktopcouch currently starts couchdb, it inherits the .ini files from the system couchdb, inluding /etc/couchdb/local.ini, which holds the admin accounts. If someone adds an admin user to the system couchdb, this means users' couchdbs will also have this admin user, and unless they already had another admin user, they are now locked out of their database for all admin activities, notably: creating new admin users, creating databases, and creating/editing design documents. Ungood.

Let's take away the chaining altogether, and generate the entire .ini file ourselves, so that we have complete control, and don't get bitten by shades of implicit acquisition.

Related branches

tags: added: desktop+ karmic-blocker
Changed in desktopcouch:
status: New → Triaged
importance: Undecided → Critical
assignee: nobody → Eric Casteleijn (thisfred)
importance: Critical → High
milestone: none → w21-karmic-alpha6
tags: added: karmic-blockers
removed: karmic-blocker
tags: removed: karmic-blockers
Eric Casteleijn (thisfred) wrote :

Seems that this behavior persists, even when adjusting the chaining of .ini files. I'm talking to upstream, and will file a bug there, if it is one.

tags: added: karmic-blocker
Changed in desktopcouch:
status: Triaged → Confirmed
Eric Casteleijn (thisfred) wrote :

After more testing, upstream's chaining of .ini files seems to be broken, I've filed a bug in the upstream issue tracker https://issues.apache.org/jira/browse/COUCHDB-498

Changed in couchdb:
assignee: nobody → Eric Casteleijn (thisfred)
status: New → Confirmed
tags: added: ubuntuone-karmic
tags: removed: karmic-blocker
Elliot Murphy (statik) on 2009-09-10
Changed in couchdb:
status: Confirmed → Invalid
Changed in couchdb (Ubuntu):
assignee: nobody → Elliot Murphy (statik)
status: New → In Progress
Elliot Murphy (statik) wrote :
Elliot Murphy (statik) wrote :
Elliot Murphy (statik) wrote :
Elliot Murphy (statik) wrote :

Attached orig.tar.gz and diff for a new snapshot of the 0.10.x upstream release branch which fixes this bug and a couple of other serious reported bugs, as discussed with slangasek yesterday. I will also be doing some packaging fixes in separate upload today, but that will be handled via bzr and a sourcepackagebranch, so I don't anticipate any trouble with merging.

I've testbuilt the package in my karmic pbuilder, tested upgrade and uninstall, run the desktopcouch test suite against this version and all looks sane.

Changed in desktopcouch:
status: Confirmed → In Progress
Chad Miller (cmiller) on 2009-09-10
tags: added: cmiller-k-alpha6
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package couchdb - 0.10.0~svn813472-0ubuntu1

---------------
couchdb (0.10.0~svn813472-0ubuntu1) karmic; urgency=low

  * New snapshot of couchdb 0.10.x stable prerelease branch
    - pass config reset option to recursed background startup (LP: #424330)
      closes COUCHDB-498
    - Fix for building on snow leopard COUCHDB-490
    - Fix SSL replication (LP: #422178) COUCHDB-491
    - Fix continuous-after-normal replication
    - Use the same password hash calculation for user creation via ini
      file and user db, closes COUCHDB-492
    - Fix for WebKit XHR, closes COUCHDB-483
    - Don't check for response code text, closes COUCHDB-482
    - Remove a debugging leftover

 -- Elliot Murphy <email address hidden> Thu, 10 Sep 2009 11:35:54 -0400

Changed in couchdb (Ubuntu Karmic):
status: In Progress → Fix Released
Changed in desktopcouch:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers