Cloning for Satellite as there has been a related customer issue reported.
+++ This bug was initially created as a clone of Bug #456562 +++
When porting the package download from perl to java, tomcat will need to be able
to read all of the pacakges, but sat-sync and rhnpush currently marks the
packages as 640 with apache:root ownership.
This needs to be changed to 644.
--- Additional comment from email@example.com on 2008-08-01 14:46:21 EDT ---
Any other viable options?
- Make tomcat user in the apache group *and* then change sat-sync code to write
Does 'root' need this access at group level to the files?
Making the files globally readable by change:
is less of a change to do, less risky in code, but does expose the entire
/var/satellite/ contents to any normal user on that has ssh access, but is this
a problem, most likely not.
So, 0644 sounds fine, I think the risk exposure is minimal.
Pretty sure this is a one liner to change:
satellite_tools/syncLib.py: setPermsPath(self.full_path, user='apache',
*if* we make a change, we will need as part of upgrade process, a separate bug
to track and if needed as part of upgrade change permissions.
--- Additional comment from firstname.lastname@example.org on 2008-08-01 15:12:37 EDT ---
fixed and upgrade process already handles this perms update.
--- Additional comment from email@example.com on 2008-09-05 11:44:28 EDT ---
Verified in spacewalk 0.2. Packages are being stored with 0644. (-rw-r--r--)
repsonding to comment #3
Prad, They're basically asking for apache/apache 664 because they have scripts that run as non-apache user and they want to write as apache group. Is that possible?
GS would like 664, as in group read/write
Closing this as per today's meeting. Goldman would have liked to see this
Internal Status set to 'Resolved'
Status set to: Closed by Tech
Resolution set to: 'Rejected'
This event sent from IssueTracker by jleddy