'Re: [sisuite-users] Permission bits on / are drwxr-x--x rather than'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sisuite-users
Subject:    Re: [sisuite-users] Permission bits on / are drwxr-x--x rather than
From:       Andrea Righi <a.righi () cineca ! it>
Date:       2007-10-21 10:00:49
Message-ID: 471B2350.2060605 () cineca ! it
[Download RAW message or body]

FYI,
-Andrea

-------- Original Message --------
Subject: [systemimager-commits] r4302 - trunk/lib/SystemImager
Date: Sat, 20 Oct 2007 08:46:58 -0500
From: arighi@systemimager.ci.uchicago.edu
Reply-To: sisuite-devel@lists.sourceforge.net
To: systemimager-commits@lists.sourceforge.net

Author: arighi
Date: 2007-10-20 08:46:58 -0500 (Sat, 20 Oct 2007)
New Revision: 4302

Modified:
   trunk/lib/SystemImager/Server.pm
Log:
- fix: be sure to properly set the correct permissions bitmask in the
  override directories.

According to MKDIR(2):

[...] the permissions of the created directory are (mode & ~umask & 0777).

If the umask used by root in the image server is not the commonly used 0022,
the override directories could be made with a permission bitmask different to
0755 that will be distributed in the root of the imaged clients.

A non-standard permission mask in the root can lead to serious problems, so
it's better to enforce the right bitmask directly using a chmod() just after
the mkdir().

The most reasonable solution here is to use the same permission mask of the
image, that is (by definition) the same mask used in the root of the golden
client.

Bug report and solution by: wtautz <wtautz@cs.uwaterloo.ca>


Modified: trunk/lib/SystemImager/Server.pm
===================================================================
--- trunk/lib/SystemImager/Server.pm	2007-10-20 11:08:29 UTC (rev 4301)
+++ trunk/lib/SystemImager/Server.pm	2007-10-20 13:46:58 UTC (rev 4302)
@@ -2088,6 +2088,17 @@
     my $dir = "$override_dir/$script_name";
     if (! -d "$dir")  {
       mkdir("$dir", 0755) or die "FATAL: Can't make directory $dir\n";
+      # Be sure to properly set the correct permissions bitmask in the
+      # overrides, in fact according to MKDIR(2):
+      #
+      # [...] the permissions of the created directory are (mode & ~umask & 0777).
+      #
+      # A non-standard permission mask in the root of the clients can lead to
+      # serious problems, so it's better to enforce the right bitmask directly
+      # using a chmod() after the mkdir().
+      #
+      # The best solution here is to use the same permission mask of the image.
+      chmod(((stat($image_dir))[2] & 07777), "$dir");
     }  
     
     close($MASTER_SCRIPT);


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
sisuite-users mailing list
sisuite-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sisuite-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic