Tim Verhoeven wrote:
Hi,
In the devel branc of Cobbler commit
"a2d760b7369059731a6cfbe673e117a553511a20" introduced a new function
"update_permissions" that is run during a sync.
But there is a problem with this piece of that function :
cmd2 = "chmod -R 640 %s" % repo_path
sub_process.call(cmd2, shell=True)
This basically means that all directories will loose there "x" bit and
that also means that apache cannot enter anymore in the directories,
this then results in that both a install and yum stop working.
I would have send a patch myself to fix it but I'm not completely sure
what problem the "update_permissions" function is suppose to solve.
The SELinux part makes sense to me and can stay. But I'm guessing that
for the UNIX style permissions part it is better to do something like
this :
chmod -R u+r,u+w,g+r,g-w,o-r,o-w
I believe this accomplishes the same but without touching the "x" bit
of directories.
Regards,
Tim
Nice feature :)
s/640/750/
Actually it might as well be 755.
I'll compare this versus the RPM permissions on that directory and
straighten it out.
The basic problem we were seeing was due the rsync originally doing "-a"
to preserve permissions, which is less of an issue now
that that parameter was removed. In other words, the code in question
was being paranoid.
--Michael
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
