[Bug 268526] databases/neo4j: port partially broken and does not separate installation from runtime data

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 23 Dec 2022 13:20:04 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268526

            Bug ID: 268526
           Summary: databases/neo4j: port partially broken and does not
                    separate installation from runtime data
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: wen@FreeBSD.org
          Reporter: michael.osipov@siemens.com
             Flags: maintainer-feedback?(wen@FreeBSD.org)

I don't know where to start; there are several issues that make it a problem
for me to use this port, and I will likely need to break this up into several
tickets later. (Note: I have gone through this with devel/nexus2-oss as a
maintainer.)

* It does not start, JAVA_HOME is not set in neo4j.sh since JAVA_HOME is only
set when the java(1) wrapper is called which isn't done in neo4j.sh:
===
# service neo4j start
Error: JAVA_HOME is not defined correctly.
  We cannot execute
===
This I had to work around in rc.conf first (neo4j_env)
* The service runs as root, which is a no-go. You must reserve a uid/gid in
the UIDs/GIDs files.
* The neo4j.conf file is never used due to misconfiguration:
* Lack of separation between read-only installation and runtime data:
===
# service neo4j start
Directories in use:
home:         /usr/local/neo4j
config:       /usr/local/neo4j/conf
logs:         /usr/local/neo4j/logs
plugins:      /usr/local/neo4j/plugins
import:       /usr/local/neo4j
data:         /usr/local/neo4j/data
certificates: /usr/local/neo4j/certificates
licenses:     /usr/local/neo4j/licenses
run:          /usr/local/neo4j/run
===
because of
===
# procstat penv 43356 | grep ENV
envp[13]: NEO4J_CONF_ENV=NEO4J_CONF=/usr/local/etc
===
does not work and does not exist:
https://github.com/neo4j/neo4j/search?q=NEO4J_CONF_ENV
This I had to work around in rc.conf first (neo4j_env).
Then
===
Directories in use:
home:         /usr/local/neo4j
config:       /usr/local/etc
logs:         /var/log/neo4j
plugins:      /usr/local/neo4j/plugins
import:       /usr/local/neo4j/import
data:         /var/db/neo4j
certificates: /usr/local/neo4j/certificates
licenses:     /usr/local/neo4j/licenses
run:          /var/run
===
Still, certificates does not correspond to pkg-plist; likely licenses should be
in ETCDIR as well.
* post-patch either too many vars which aren't even defined or patch-* don't
add them. See missing JAVA_HOME. This is actually rooted in a bad script of the
appassembler-maven-plugin which I might address upstream somewhere in the
future.

Maybe even more things I haven't taken care of/noticed ATM.

I used this for reference for dirs/files and ro vs rw:
https://neo4j.com/docs/operations-manual/4.4/configuration/file-locations/

I am not the target neo4j user, but just the sysadmin and software developer.

Ideally, this would install and configure:

/usr/local/share/java/neo4j (owned by root)
===== (owned by neo4j:neo4j)
/var/db/neo4j/data
/var/run/neo4j (can't be run/ because service user cannot write to run/)
/var/log/neo4j
/var/db/neo4j/metrics
/var/db/neo4j/import
===== (owned by root)
/usr/local/etc/neo4j/
/usr/local/etc/neo4j/neo4j.conf
/usr/local/etc/neo4j/licenses
/usr/local/etc/neo4j/certificates
=====

At least this is basically how I have taken devel/nexus2-oss apart and
upgrading is a snap.


I'd be happy to engage in a discussion to make this right according to
hier(7).

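
The "Directories in use:" listings quoted in the report can be checked mechanically. The following is an added example, not part of the original report or of the port: a POSIX sh function (the name audit_neo4j_dirs and the output labels are hypothetical) that flags every directory still located under the installation home, splitting runtime and configuration directories the way the report's proposed layout does.

```shell
#!/bin/sh
# Usage on a host: service neo4j start 2>&1 | audit_neo4j_dirs
# Exit status: 0 = clean, 1 = violations, 2 = no "home:" line found.
audit_neo4j_dirs() {
    awk '
    # True if p is base itself or lies below it (a sibling like base-data is not)
    function under(p, base) { return p == base || index(p, base "/") == 1 }
    # Lines look like "data:         /usr/local/neo4j/data"
    /^[a-z]+:[ \t]+\// {
        key = $1; sub(/:$/, "", key)
        if (!(key in path)) order[++n] = key
        path[key] = $2
    }
    END {
        home = path["home"]
        if (home == "") { print "ERROR no home line"; exit 2 }
        for (i = 1; i <= n; i++) {
            k = order[i]
            # plugins is not placed by the report, so it is not judged here
            if (k == "home" || k == "plugins" || !under(path[k], home)) continue
            # Assumption from the report: logs, data, run, import are service-writable
            kind = (k ~ /^(logs|data|run|import)$/) ? "RUNTIME-IN-INSTALL" : "CONFIG-IN-INSTALL"
            print kind, k, path[k]
            bad = 1
        }
        exit bad + 0
    }'
}

# Constructed sample: the second "Directories in use:" listing from the report
sample_after() {
    cat <<'EOF'
Directories in use:
home:         /usr/local/neo4j
config:       /usr/local/etc
logs:         /var/log/neo4j
plugins:      /usr/local/neo4j/plugins
import:       /usr/local/neo4j/import
data:         /var/db/neo4j
certificates: /usr/local/neo4j/certificates
licenses:     /usr/local/neo4j/licenses
run:          /var/run
EOF
}

sample_after | audit_neo4j_dirs || echo "layout violations found"
```

On the second listing this reports import, certificates and licenses, the same leftovers the report points out after the rc.conf workaround.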