Projects
Wiki     Timeline     Roadmap     Browse Source     View Tickets     New Ticket     Search

Ticket #295 (assigned Defect)

Opened 6 months ago

Last modified 5 months ago

memcached error on CS when I input a new event

Reported by: filippos@… Owned by: wsanchez@…
Priority: 1: Blocker Milestone: CalendarServer-2.0
Component: Calendar Server Severity: Crash/data loss
Keywords: memcached Cc:

Description

error on CS when I input a new event

[memcached] can't run as root without the -u switch

Change History

Changed 6 months ago by wsanchez@…

Hrm. Yes. Here's a work-around until we fix this... add -u calendar to the list of options passed to memcached. For example:

  <!-- Support for Memcached -->
  <key>Memcached</key>
  <dict>
    <key>Options</key>
    <array>
      <string>-u</string>
      <string>calendar</string>
    </array>
  </dict>

Changed 6 months ago by filippos@…

this is not working, same error at start

2008-07-19 08:43:25+0300 [-] [caldav-8008]  [-] twisted.web2.channel.http.HTTPFactory starting on 8443
2008-07-19 08:43:25+0300 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('logs/caldavd.sock') PEER:UNIXSocket(''))
2008-07-19 08:43:25+0300 [-] [caldav-8008]  [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('logs/caldavd.sock'))
2008-07-19 08:43:25+0300 [-] [memcached] can't run as root without the -u switch
2008-07-19 08:43:28+0300 [-] [memcached] can't run as root without the -u switch
2008-07-19 08:43:35+0300 [-] [memcached] can't run as root without the -u switch
2008-07-19 08:43:50+0300 [-] [memcached] can't run as root without the -u switch

Changed 6 months ago by wsanchez@…

  • priority changed from 2: Expected to 1: Blocker
  • status changed from new to assigned
  • milestone changed from Linux Port to 2.0

From the milestone, I assume this is on Linux? Shouldn't really matter though...

Making this a P1 for 2.0.

Changed 5 months ago by aaron.grattafiori@…

Running CalendarServer as root is NOT a good idea. Especially because you don't need any of roots permissions (its trival to add a calendar user that runs caldavd).

Changed 5 months ago by wsanchez@…

Aaron, CalendarServer drops privileges to the user configured in its config file after doing some operations that may require root access, such as binding to the listen port (which in many cases would be port 80, a privileged port) or setting up some log files which the running server doesn't need write access to.

It is not a bad idea to start the server as root, if properly configured, but it is true than in some deployments, it may not be necessary.

Note: See TracTickets for help on using tickets.