First Last Prev Next    This bug is not in your last search results.
Bug 456562 - Change package permissions to rw-r--r--
Change package permissions to rw-r--r--
Status: CLOSED CURRENTRELEASE
Product: Spacewalk
Classification: Community
Component: Server (Show other bugs)
0.1
All Linux
low Severity low
: ---
: ---
Assigned To: Pradeep Kilambi
Red Hat Satellite QA List
:
Depends On:
Blocks: space02
  Show dependency treegraph
 
Reported: 2008-07-24 13:50 EDT by Justin Sherrill
Modified: 2009-09-17 02:59 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 484475 (view as bug list)
Environment:
Last Closed: 2009-09-17 02:59:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Justin Sherrill 2008-07-24 13:50:53 EDT 
When porting the package download from perl to java, tomcat will need to be able
to read all of the pacakges, but sat-sync and rhnpush currently marks the
packages as 640 with apache:root ownership.

This needs to be changed to 644.
Comment 1 Clifford Perry 2008-08-01 14:46:21 EDT 
Any other viable options? 
- Make tomcat user in the apache group *and* then change sat-sync code to write
stuff:
0640 apache:apache
from
0640 apache:root

Does 'root' need this access at group level to the files? 

Making the files globally readable by change:
0644 
is less of a change to do, less risky in code, but does expose the entire
/var/satellite/ contents to any normal user on that has ssh access, but is this
a problem, most likely not. 

So, 0644 sounds fine, I think the risk exposure is minimal. 

Pretty sure this is a one liner to change:
satellite_tools/syncLib.py:        setPermsPath(self.full_path, user='apache',
group='root', chmod=0640)

*if* we make a change, we will need as part of upgrade process, a separate bug
to track and if needed as part of upgrade change permissions. 


Cliff
Comment 2 Pradeep Kilambi 2008-08-01 15:12:37 EDT 
fixed and upgrade process already handles this perms update.
Comment 3 Devan Goodwin 2008-09-05 11:44:28 EDT 
Verified in spacewalk 0.2. Packages are being stored with 0644. (-rw-r--r--)
Comment 4 Brandon Perkins 2009-02-09 21:01:13 EST 
Remove bug 456562 blocks bug 484475.
Comment 5 Miroslav Suchý 2009-09-17 02:59:38 EDT 
Spacewalk is released for long time.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.