rawhide, /mnt/koji and /pub/fedora

Mike McGrath mmcgrath at redhat.com
Thu Aug 28 19:58:03 UTC 2008

On Thu, 28 Aug 2008, Bill Nottingham wrote:

> Jesse Keating (jkeating at redhat.com) said:
> > So I realized something last night.  We created a user "masher" to have
> > the ability to write to /mnt/koji/mash/ but not any of the other koji
> > space.  This is useful to prevent too much damage from a horribly wrong
> > rawhide compose.  To make things easier in the rawhide compose configs,
> > we decided to run the cron/scripts as the masher user.  This is also
> > good because it means things run unprivileged.  However I ran into a
> > snag.  We have another user, 'ftpsync' that has write access
> > to /pub/fedora/.  Previously the rawhide script was ran as root, and
> > thus it was no problem to su ftpsync for the rsync calls.  The masher
> > user does not possess the capability of doing this.
> >
> > Since the ftpsync user is only really used to sync data onto the Fedora
> > netapp, I propose that we collapse ftpsync and masher into one user
> > (masher).  It'll require minimal puppet changes, mostly just moving some
> > cron jobs from ftpsync over to masher.  It will require UID changes,
> > either changing masher to the ftpsync UID (which breaks our new range we
> > just setup), or chmodding some stuff on the Fedora netapp and changing
> > what UID has write access there.
> >
> > For now, I'm syncing rawhide by hand.
> >
> > Comments?
> Is changing the user that owns the files going to cause unnecessary rsync
> churn for mirrors?

Only if we change the uid of ftpsync.  If we change the uid of masher
we're good on the mirrors.


More information about the Fedora-infrastructure-list mailing list