[et-mgmt-tools] Cobbler - Issue with update_permissions function in action_reposync.py
Michael DeHaan
mdehaan at redhat.com
Mon Feb 11 15:01:36 UTC 2008
Tim Verhoeven wrote:
> Hi,
>
> In the devel branc of Cobbler commit
> "a2d760b7369059731a6cfbe673e117a553511a20" introduced a new function
> "update_permissions" that is run during a sync.
>
> But there is a problem with this piece of that function :
>
> cmd2 = "chmod -R 640 %s" % repo_path
> sub_process.call(cmd2, shell=True)
>
> This basically means that all directories will loose there "x" bit and
> that also means that apache cannot enter anymore in the directories,
> this then results in that both a install and yum stop working.
>
> I would have send a patch myself to fix it but I'm not completely sure
> what problem the "update_permissions" function is suppose to solve.
> The SELinux part makes sense to me and can stay. But I'm guessing that
> for the UNIX style permissions part it is better to do something like
> this :
>
> chmod -R u+r,u+w,g+r,g-w,o-r,o-w
>
> I believe this accomplishes the same but without touching the "x" bit
> of directories.
>
> Regards,
> Tim
>
>
Nice feature :)
s/640/750/
Actually it might as well be 755.
I'll compare this versus the RPM permissions on that directory and
straighten it out.
The basic problem we were seeing was due the rsync originally doing "-a"
to preserve permissions, which is less of an issue now
that that parameter was removed. In other words, the code in question
was being paranoid.
--Michael
More information about the et-mgmt-tools
mailing list