[augeas-devel] Augeas save does not create directory when needed

David Lutterkort lutter at redhat.com
Thu Nov 20 08:09:34 UTC 2008


On Wed, 2008-11-19 at 17:59 +0100, Dominique Dumont wrote:
> "Daniel P. Berrange" <berrange at redhat.com> writes:
> 
> > I'd say it was a feature, precisely because it's impossible to know
> > what correct ownership/mode is relevant. Only the application using
> > augeas can have this knowledge.
> 
> On the other hand, each lens contains application specific
> information. And the guy who maintains the lens should have the
> knowledge regarding the "best" ownership/mode for its application
> specific directory.
> 
> So is there any possibility to write this info in the lens? (or in a
> file beside the lens)

We could probably add something like that to the transform, but it seems
like it would be quite a bit of effort to cover everything: owner/group,
permissions, ACLs, possibly SELinux labels ... and that for every
parent directory of every file. I am also not sure that we'd be able to
cover that in a way that works cross-platform.

Another way to provide this behavior is to store special nodes in the
tree (e.g., /files/etc/@owner, /files/etc/@mode etc. for attributes
of /etc). It would be a good amount of work to implement that cleanly,
i.e. so that those nodes are populated on startup and changes are made
cleanly on save.

If somebody wants to come up with a patch for that, that would be much
appreciated ;)

> > What scenario would you really encounter where /etc/ssh did not already
> > exist, but where you wanted to create the config file? If you actually
> > had SSH installed, it would always exist, and if you didn't have it
> > installed, then it's not a problem if creating the config file fails.
> 
> That's correct for ssh. For more complex configuration (like apache),
> creating a directory on the fly may be required.

How exactly did you run into this? On a fully installed system, it
hardly ever happens that a new file has to be created, let alone
directories. Even for Apache configs, the Apache package lays down the
directories for config files.

> >> The simplest would be to use the current user/group and some default
> >> permission like 0755, though that might be way too open. The issue is
> >> logged as ticket #3 [1] - if you have any other suggestions, please add
> >> them to the ticket.
> >
> > That'd certainly be wrong for a number of scenarios where you have
> > security sensitive directories or config files that should not be
> > visible to non-root users. Then again, picking 0700 would also be
> > wrong for a large number of cases. I don't see how Augeas can pick
> > any correct setting without application help.
> 
> Maybe fall back to umask settings if no other information is available?

That's just very insecure, and I worry that unsuspecting users will wind
up with dirs that simply have the wrong permissions.

David
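
The trade-off discussed in this thread, as an added example that is not part of the original message or of Augeas: a directory created with umask-derived permissions ends up with whatever mode the calling process happens to inherit, while an application that knows the right mode can create the parent directories itself before saving. The helper name `ensure_parent_dirs`, its `stop_at` parameter and the mode 0750 are assumptions chosen for illustration.

```python
import os
import stat
import tempfile


def ensure_parent_dirs(file_path, mode, stop_at):
    """Create missing parents of file_path (below stop_at) with exactly `mode`."""
    stop_at = os.path.abspath(stop_at)
    parent = os.path.dirname(os.path.abspath(file_path))
    if os.path.commonpath([parent, stop_at]) != stop_at:
        raise ValueError(f"{parent} is not below {stop_at}")
    missing = []
    while not os.path.lexists(parent):
        missing.append(parent)
        parent = os.path.dirname(parent)
    if os.path.islink(parent) or not os.path.isdir(parent):
        raise NotADirectoryError(parent)  # refuse to build under a symlink or file
    for d in reversed(missing):
        os.mkdir(d, 0o700)  # start closed, whatever the umask is
        os.chmod(d, mode)   # chmod is not filtered by the umask
    return list(reversed(missing))


def mode_of(path):
    return stat.S_IMODE(os.lstat(path).st_mode) & 0o777


def demo():
    """Map each umask to (umask-derived mode, application-chosen mode)."""
    results = {}
    with tempfile.TemporaryDirectory() as root:  # constructed sandbox, not /etc
        for umask in (0o022, 0o002, 0o077):
            old = os.umask(umask)
            try:
                implicit = os.path.join(root, f"implicit-{umask:03o}")
                os.mkdir(implicit)  # resulting mode is 0777 & ~umask
                explicit = os.path.join(root, f"explicit-{umask:03o}", "conf.d")
                ensure_parent_dirs(os.path.join(explicit, "app.conf"), 0o750, root)
                results[umask] = (mode_of(implicit), mode_of(explicit))
            finally:
                os.umask(old)
    return results


if __name__ == "__main__":
    for umask, (implicit, explicit) in demo().items():
        print(f"umask {umask:03o}: umask-derived {implicit:04o}, explicit {explicit:04o}")
```

Ownership, ACLs and SELinux labels, which the message also lists, are not handled here and would need the same explicit treatment by the application.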




