Hide Forgot
Description of problem: As a result of bug 110561 p2fs subdirs are not writable by the servlet user. Thus, p2fs is breaking: java.lang.ExceptionInInitializerError: com.arsdigita.initializer.InitializationException: publishToFile: parameter destination: the document root '/usr/share/ccm/work/p2fs' must be a writable directory at com.arsdigita.cms.publishToFile.Initializer.invalidParam(Initializer.java:327) java.lang.ExceptionInInitializerError: com.arsdigita.initializer.InitializationException: publishToFile: parameter destination: the document root '/usr/share/ccm/webapps/ROOT/packages/content-section/templates' must be a writable directory at com.arsdigita.cms.publishToFile.Initializer.invalidParam(Initializer.java:327) at com.arsdigita.cms.publishToFile.Initializer.processDestinationEntry(Initializer.java:306)
Other subdirs too: java.io.FileNotFoundException: /usr/share/ccm/webapps/ROOT/WEB-INF/work/_packages/_content_22dsection/_www/_admin/_index__jsp.java Servlet engine (resin) can't build jsps
Part of the problem here is that file permissions are not being preserved during file copy. Therefore, if "ccm hostinit" is run as root then root will be the owner of the new files and the 'servlet' user will not have write access. Unfortunately, there is no way to fix this within Java. So, I will go ahead and modify "ccm hostinit" to switch to the 'servlet' user before invoking the java command that copies the files. If anyone has a better solution, please post. (p.s. To be more precise, I will have ccm hostinit switch to the user as determined by the same process used in ccm start. Read the code for details.)
<dgregor> danpb: you may be interested in https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111451 <danpb> the files *should* be owned as root otherwise its a security hole <dgregor> ccmbot-- <ccmbot> ccmbot now has -71 points of karma. <danpb> only the 'work' directory should be writable <danpb> & we could probably fix that up after the effect in the shell script wrapper, no ? <dgregor> but /usr/share/ccm/webapps/ROOT/packages/content-section/templates does need to be writable <danpb> ah, that dir too <danpb> but that's only a short term thing <danpb> until p2fs templating is fixed <dgregor> ok, so keep existing behavior except make /usr/share/ccm/webapps/ROOT/packages/content-section/templates writable <danpb> yeah <dgregor> cool
@38498 I checked in a change to hostinit that makes that directory (and all of its contents) writable, but nothing else. Now I'm looking into why the work directory is having problems.
38510 should fix the problem with the work directory.
Still a problem under resin for building jsps: java.io.FileNotFoundException: /usr/share/ccm/webapps/ROOT/WEB-INF/work/_packages/_content_22dsection/_www/_admin/_index__jsp.java
The resin work directory is set to $CCM_HOME/tmp as of 38526
This works now.
Urgh. Didn't notice when I closed that work/lucene is still owned by root. This directory is created when running ccm load on core, which is run by root. If this can't be easily corrected, the workaround (chmod) needs to be documented.
The solution is to run ccm load and hostinit as servlet. Dennis is making changes to the script to su servlet if run as root.
@38596 I check in a copy of the ccm script which switches to the servlet user when run as root, with the exception of "ccm hostinit". That command is still run as root as we do want the files that it copies/creates to be owned by root.
closing old tickets