rawhide, /mnt/koji and /pub/fedora
Mike McGrath
mmcgrath at redhat.com
Thu Aug 28 19:58:03 UTC 2008
On Thu, 28 Aug 2008, Bill Nottingham wrote:
> Jesse Keating (jkeating at redhat.com) said:
> > So I realized something last night. We created a user "masher" to have
> > the ability to write to /mnt/koji/mash/ but not any of the other koji
> > space. This is useful to prevent too much damage from a horribly wrong
> > rawhide compose. To make things easier in the rawhide compose configs,
> > we decided to run the cron/scripts as the masher user. This is also
> > good because it means things run unprivileged. However I ran into a
> > snag. We have another user, 'ftpsync' that has write access
> > to /pub/fedora/. Previously the rawhide script was ran as root, and
> > thus it was no problem to su ftpsync for the rsync calls. The masher
> > user does not possess the capability of doing this.
> >
> > Since the ftpsync user is only really used to sync data onto the Fedora
> > netapp, I propose that we collapse ftpsync and masher into one user
> > (masher). It'll require minimal puppet changes, mostly just moving some
> > cron jobs from ftpsync over to masher. It will require UID changes,
> > either changing masher to the ftpsync UID (which breaks our new range we
> > just setup), or chmodding some stuff on the Fedora netapp and changing
> > what UID has write access there.
> >
> > For now, I'm syncing rawhide by hand.
> >
> > Comments?
>
> Is changing the user that owns the files going to cause unnecessary rsync
> churn for mirrors?
>
Only if we change the uid of ftpsync. If we change the uid of masher
we're good on the mirrors.
-Mike
More information about the Fedora-infrastructure-list
mailing list