launching scylladb at the command line as root should be disabled OR supported
#3,142 建立於 2018年1月22日
描述
root@m01:/data/scylladb# scylla --version
2.0.2-0.20171130.07b039f
root@m01:/usr/sbin# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial
root@m01:/usr/sbin# uname -a
Linux m01 4.4.0-109-generic #132-Ubuntu SMP Tue Jan 9 19:52:39 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
root@m01:/usr/sbin#
Assuming user has answered yes to "Do you want to enable ScyllaDB services?" while running scylla_setup
After running the scylla_setup script as root the command prompt is returned without further "next step suggestions"
(assuming that everything went fine) it would be good to tell the user after the run of scylla_setup that scylladb can be started using:
root@m01:/data/scylladb# systemctl start scylla-server
When the root-user tries to run scylla by typing "scylla" he will see this result:
root@m01:/data/scylladb# scylla
Scylla version 2.0.2-0.20171130.07b039f starting ...
ERROR 2018-01-22 22:54:30,126 [shard 0] init - Could not read configuration file conf/scylla.yaml: std::invalid_argument (Could not open file at conf/scylla.yaml. Make sure it exists)
ERROR 2018-01-22 22:54:30,127 [shard 0] seastar - Exiting on unhandled exception: std::invalid_argument (Could not open file at conf/scylla.yaml. Make sure it exists)
root@m01:/data/scylladb#
the user might think that the setup failed partially, which is probably not correct because the reason of this error is that running scylla at root is not supported by default config.
the user should be prevented (or at least warned) to run scylla as root.
when the root-user starts to troubleshoot he might find out that this BAD command will start the scylladb using user root: ulimit -n 200000; scylla --options-file /etc/scylla/scylla.yaml --max-io-requests 65
Result: all files that are created by this process run will be owned by root. Future correct startup commands will fail due to wrong file permissions (and they don't report in any case that it's a file permission issue)
when the user tries to switch to user scylla by executing "su scylla", he will notice that the command does just return the command prompt without error while the current user is still root. This is because user scylla is created during the setup procedure but the shell is disabled for this user:
#su scylla does nothing:
root@m01:/data/scylladb# su scylla
root@m01:/data/scylladb#
#shell access disabled:
root@m01:/data/scylladb# grep scylla /etc/passwd
scylla:x:111:118::/var/lib/scylla:/bin/false
root@m01:/data/scylladb#
user scylla should be granted shell access OR the user should be clearly informed that the shell access for scylla is disabled on purpose in /etc/passwd.
Based on above findings it looks like when answering no to the question "Do you want to enable ScyllaDB services?" of scylla_setup currently always result in a , using default config-arguments, malfunctioning setup.
would be good to inform the user that launching scylla from the shell requires applying specific changes to the config after scylla_setup is run, or it should be disabled. Personally I would prefer to support running scylla from the command line using user scylla while root is disabled.