Docs - Operating the Server - Linux File Ownership

My personal context below, but my questions are focused around a specific note in one of the docs.

  • SonarQube Enterprise 8.6.0.39861
  • Trying to achieve first time server installation. I am attempting to install on Ubuntu 20.04 (Azure Linux VM).
  • I am following along with the documentation and blog posts. I am not stuck, but did encounter some documentation which has caused me to pause. I think I know what my next move is and am looking for community feedback.

On the Operating the Server - Running SonarQube as a Service on Linux with SystemD page, there is a Note that says:

The SonarQube data directory, /opt/sonarqube/data, and the extensions directory, /opt/sonarqube/extensions should be owned by the sonarqube user. As a good practice, the rest should be owned by root

However, based on other areas of documentation, it appears as though the /opt/sonarqube/logs and /opt/sonarqube/temp directories also would need write permissions for the sonarqube user.

  • The Install the Server - Installing SonarQube from the Docker Image calls out that the data, extensions, and logs directories all need associated volumes.
  • The SonarQube Enterprise Dockerfile on GitHub gives ownership of the entire SONARQUBE_HOME directory to the sonarqube user and group.
    • Additionally, it changes permissions for the 4 directories: data, extensions, logs and temp
    • I recognize that running in a container might not fall under the recommendation of "As good practice, the rest should be owned by root".
  • In another thread, @ganncamp mentions that logs should not be owned by root:

Am I correct in assuming this documentation Note is inaccurate, or is it correct the way it is?

For now, I am operating under the assumption that if I configured my server as the Note says, I would run into failures at runtime. I see two options:

  1. Change ownership of entire SONARQUBE_HOME directory to sonarqube user/group.

  2. Change ownership of only the 4 directories (data, extensions, logs, temp) to sonarqube user/group.

I am going to start with option 1 just to continue with my setup. I expect to perform the installation a few times, as where I am installing to is not a final production VM. I may test option 2 in a future setup.

Regarding the documentation page, if the Note is indeed inaccurate, what are the next steps to get the page updated with a more accurate Note?

Hi,

You’re right. The note is too broad. I think you’ve outlined a good way to proceed. I’m going to flag this internally for documentation review. In the meantime, I think you’re fine to proceed as you’ve outlined.

 
Ann

1 Like

Thanks Ann!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.