So I realized something last night. We created a user "masher" to have the ability to write to /mnt/koji/mash/ but not any of the other koji space. This is useful to prevent too much damage from a horribly wrong rawhide compose. To make things easier in the rawhide compose configs, we decided to run the cron/scripts as the masher user. This is also good because it means things run unprivileged. However I ran into a snag. We have another user, 'ftpsync' that has write access to /pub/fedora/. Previously the rawhide script was ran as root, and thus it was no problem to su ftpsync for the rsync calls. The masher user does not possess the capability of doing this. Since the ftpsync user is only really used to sync data onto the Fedora netapp, I propose that we collapse ftpsync and masher into one user (masher). It'll require minimal puppet changes, mostly just moving some cron jobs from ftpsync over to masher. It will require UID changes, either changing masher to the ftpsync UID (which breaks our new range we just setup), or chmodding some stuff on the Fedora netapp and changing what UID has write access there. For now, I'm syncing rawhide by hand. Comments? -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
