Andrea Righi wrote:
> wtautz wrote:
>
>>> Well.. this is the piece of code that creates the override dir after an
>>> image
>>> retrieval from a golden client (see
>>> http://svn.systemimager.org/filedetails.php?repname=systemimager&path=%2Ftrunk%2Flib%2FSystemImager%2FServer.pm&rev=0&sc=0
>>> function create_autoinstall_script):
>>>
>>> ### BEGIN overrides stuff ###
>>> # Create default overrides directory. -BEF-
>>> #
>>> my $override_dir = $config->default_override_dir;
>>> my $dir = "$override_dir/$script_name";
>>> if (! -d "$dir") {
>>> mkdir("$dir", 0755) or die "FATAL: Can't make directory $dir\n";
>>> }
>>>
>>> It means that if an override dir doesn't exist it's created using the right
>>> permissions 0755.
>>>
>>>
>> Perhaps explicitly checking that the mode is correct is necessary.
>> If one reads the description of mkdir in the perl book mkdir FILENAME, MASK
>> where "MASK as modified by the current umask". So it would seem that the
>> umask
>> setting clearly effects how the mkdir command works. It might be better
>> to create
>> the directory and then use chmod after the fact?
>>
>>
>
> >From MKDIR(2):
>
> "[...] the permissions of the created directory are (mode & ~umask & 0777)"
>
> So, I agree that a chmod after mkdir could be a safer way to be sure to
> not touch the "default" permission bitmask for the / in the clients,
> that could be quite dangerous under some circumstances.
>
> I'm going to test the following patch and check it in the trunk. Any
> objection?
>
>
Thanks Andrea for considering the change. Another thought occurs to me,
namely,
the overrides directory should, perhaps, have identical permissions as
the permissions on the golden client? So the task should perhaps be
to accurately duplicate the setting in
/var/lib/systemimager/images/<particular-image>?
Obviously if a user chooses to alter the settings manually that's their
business but
upon initial creation it should duplicate the golden client settings.
Walter
> Thanks for reporting,
> -Andrea
>
> Index: lib/SystemImager/Server.pm
> ===================================================================
> --- lib/SystemImager/Server.pm (revision 4299)
> +++ lib/SystemImager/Server.pm (working copy)
> @@ -2090,6 +2090,15 @@
> my $dir = "$override_dir/$script_name";
> if (! -d "$dir") {
> mkdir("$dir", 0755) or die "FATAL: Can't make directory $dir\n";
> + # Be sure to properly set the correct permissions bitmask in the
> + # overrides, in fact according to MKDIR(2):
> + #
> + # [...] the permissions of the created directory are (mode & ~umask &
> 0777).
> + #
> + # A non-standard permission mask in the root of the clients can lead to
> + # serious problems, so it's better to enforce the right bitmask
> directly
> + # using a chmod() after the mkdir().
> + chmod(0755, "$dir");
> }
>
> close($MASTER_SCRIPT);
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
sisuite-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/sisuite-users
