Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensured permissions for htdocs/application/cache #2912

Merged
merged 1 commit into from
Jun 24, 2024
Merged

Ensured permissions for htdocs/application/cache #2912

merged 1 commit into from
Jun 24, 2024

Conversation

aleksandrychev
Copy link
Contributor

Ticket: ENT-11442

craigcomstock
craigcomstock requested changes Jun 14, 2024
View reviewed changes
Copy link
Contributor

@craigcomstock craigcomstock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one typo in promiser I think

cfe_internal/enterprise/CFE_knowledge.cf Outdated Show resolved Hide resolved
cfe_internal/enterprise/CFE_knowledge.cf Outdated Show resolved Hide resolved
@aleksandrychev aleksandrychev force-pushed the ENT-11442 branch 2 times, most recently from b2fd58f to 4e628c6 Compare June 14, 2024 15:52
nickanderson
nickanderson reviewed Jun 14, 2024
View reviewed changes
cfe_internal/enterprise/CFE_knowledge.cf Outdated
handle => "cfe_internal_setup_knowledge_files_doc_root_application_cache",
create => "true",
depth_search => recurse_basedir("inf"),
perms => mog("0660", $(def.cf_apache_user), $(def.cf_apache_group)),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, this promise targets both files and directories from the promised directory all the way down.

With the changes to rxdirs, you won't get execute (list) permission on directories. Is that OK or do you need to be able to list the files in the directories?

If so, then you should split this into 2 promises. One that targets files (file_select) and one that targets directories, each specifying the permissions you want for files or directories respectively.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually I don't need nested directories, only files, changed it.

Copy link
Contributor Author

@aleksandrychev aleksandrychev Jun 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

now it changes perms back

   info: Owner of '/var/cfengine/httpd/htdocs/application/cache' was 0, set to 997
   info: Directory '/var/cfengine/httpd/htdocs/application/cache' had permissions 0550, changed it to 0770
   info: Owner of '/var/cfengine/httpd/htdocs/application/cache' was 997, set to 0
   info: Directory '/var/cfengine/httpd/htdocs/application/cache' had permissions 0770, changed it to 0550

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, I pushed a couple changes to your fork, give that a go. It stopped the flipping for me.

nickanderson
nickanderson reviewed Jun 14, 2024
View reviewed changes
Copy link
Member

@nickanderson nickanderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's OK if you don't need execute bit on directories, if you do then I think it needs more.

@aleksandrychev aleksandrychev force-pushed the ENT-11442 branch 2 times, most recently from 672ddc3 to 1c57883 Compare June 17, 2024 10:15
@nickanderson
Copy link
Member

It's OK if you don't need execute bit on directories, if you do then I think it needs more.

Looks like I messed it up:

3.24.0a.b626c6a39/tests/acceptance/workdir/__00_basics_def_json_control_common_bundlesequence_end_cf/inputs/promises.cf" was: "   error: Comments can only be scalar objects, not "call" in "$(cfe_internal_hub_vars.docroot)/application/cache/."
R: reporting actuation of bundle x"

@nickanderson
Copy link
Member

@cf-bottom jenkins please.

@cf-bottom
Copy link

Alright, I triggered a build:

Build Status

Jenkins: https://ci.cfengine.com/job/pr-pipeline/10960/

Packages: http://buildcache.cfengine.com/packages/testing-pr/jenkins-pr-pipeline-10960/

craigcomstock
craigcomstock reviewed Jun 24, 2024
View reviewed changes
Copy link
Contributor

@craigcomstock craigcomstock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems reasonable, squash commits yeah?

@aleksandrychev @nickanderson
Ensured permissions for htdocs/application/cache
6d4c3f3 
Ticket: ENT-11442
Signed-off-by: Ihor Aleksandrychiev <[email protected]>
@nickanderson nickanderson merged commit fe61438 into cfengine:master Jun 24, 2024
4 checks passed
@nickanderson nickanderson added the cherry-pick? Fixes which may need to be cherry-picked to LTS branches label Jun 24, 2024
@aleksandrychev aleksandrychev removed the cherry-pick? Fixes which may need to be cherry-picked to LTS branches label Jul 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickanderson nickanderson nickanderson left review comments

@craigcomstock craigcomstock craigcomstock approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@aleksandrychev @nickanderson @cf-bottom @craigcomstock