Or, since I'm dealing with directories in the path leading to the mysql matador, should those chmod commands be the following?
chmod +a "_mysql allow search" [dir_name] (I find it strange that while searching on-line for how to use a non-default location for the mysql datadir, none of them mentioned such ACL manipulation (all they described was giving _mysql ownership of the new datadir). > On 13 Feb2015, at 12:34 PM, Murray Eisenberg <[email protected]> > wrote: > > The Finder Get Info Sharing & Permissions doesn't seem to allow adding x > permission to anything, just read only, write only, or read & write. In any > case, user _mysql does not appear among the users to add that way. > > The chmod man entry for ACL manipulations is hard to penetrate. > > With my mysql datadir in > > /Volumes/MacHD/Users/thisuser/Databases/mysql/data > > and that matador already owned my _mysql, is the following what I should do? > > chmod +a "_mysql allow execute" > /Volumes/MacHD/Users/thisuser/Databases/mysql > chmod +a "_mysql allow execute" /Volumes/MacHD/Users/thisuser/Databases > > (/Volumes/MacHD/Users/thisuser already has +x permission for all). >> On 13 Feb2015, at 12:14 PM, Brandon Allbery <[email protected]> wrote: >> >> On Fri, Feb 13, 2015 at 12:05 PM, Murray Eisenberg >> <[email protected]> wrote: >> Isn't there some safer way to be able to use mysql with a datadir in a >> non-default location (after specifying it in my.cnf, of course)? >> >> You can use ACLs to only grant that permission to the _mysql user (see ACL >> MANIPULATION OPTIONS in `man chmod`, or use Get Info in the Finder and see >> the "Sharing and Permissions" section at the bottom of the info pane). But >> in general granting directory search permission is common and not considered >> to be a significant security issue. In particular, by default everything up >> to /Volumes/MacHD/Users/$USER will generally have a+x. >> >> pyanfar:4326 Z$ sh -c 'oIFS="$IFS"; IFS=/; set -- $(pwd); p=; for d; do >> IFS="$oIFS"; p="$p/$d"; ls -ld "$p"; done' >> drwxr-xr-x 34 root admin 1224 Feb 12 07:17 / >> drwxr-xr-x 6 root admin 204 Aug 29 11:43 //Users >> drwxr-xr-x+ 61 allbery staff 2074 Feb 13 12:06 //Users/allbery >> drwx------@ 57 allbery staff 1938 Feb 13 11:19 //Users/allbery/Library >> drwx------+ 187 allbery staff 6358 Feb 13 12:12 >> //Users/allbery/Library/Preferences >> >> -- >> brandon s allbery kf8nh sine nomine associates >> [email protected] [email protected] >> unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net > > --- > Murray Eisenberg [email protected] > 503 King Farm Blvd #101 Home (240)-246-7240 > Rockville, MD 20850-6667 Mobile (413)-427-5334 > > > > > --- Murray Eisenberg [email protected] 503 King Farm Blvd #101 Home (240)-246-7240 Rockville, MD 20850-6667 Mobile (413)-427-5334 _______________________________________________ macports-users mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-users
