[Pulp-dev] permission on downloaded artifacts
Justin Sherrill
jsherril at redhat.com
Wed May 2 20:17:37 UTC 2018
HI All!
I noticed while testing out pulp 3, that artifacts are downloaded as:
$ ls -l
/var/lib/pulp/artifact/04/2c259d546331588e1dff83a46f62a27fb7cf3de4050924470d99fd8d2a046f
-rw-------. 1 root root 4358144 May 2 15:42
/var/lib/pulp/artifact/04/2c259d546331588e1dff83a46f62a27fb7cf3de4050924470d99fd8d2a046f
while the directories are 755.
In my case my workers were running as root, but my web server was
running as another user. I know production deployment is a long way
away, but it would make sense to to allow for at least group read (740)
so that i could run my web server as one user and my workers as another
user for better isolation?
Justin
More information about the Pulp-dev
mailing list