Hi Jake, On 08/02/12 11:39 PM, Sallee, Stephen (Jake) wrote: > Every time I use the pfcmd command to restart any PF services it will > randomly change the permissions on the file, I have had the permission > go from RWS-SR-X to XWRX-RX—and the owner change from root:root to > pf:root. I have checked the logs and I am the only person accessing > this server and it only happens after I call pfcmd from the CLI, if I > use the webUI everything works fine. > > I tried to see what could be causing this in the code but other than > finding the single best programming comment I have ever seen, I found > nothing of interest. > > Has anyone else seen this also? >
pfcmd is setuid root so no matter what user calls it, it runs root. This was done mostly because several operations need root (restart other daemons, change firewall rules, etc.). Then couple that with the fact that the Config::IniFiles module we use for configuration files always creates a new file then moves it to replace previous file when configuration is written. Some time ago I looked at the issue but couldn't find a way to quickly fix it without introducing potential race conditions (if two users would edit config through the Web at the same time) or involving dirty hacks like saving permissions then re-applying them. See the following issue for details: http://www.packetfence.org/bugs/view.php?id=960 So, for now, this is set aside as too low priority to warrant the rework required. Our long term architectural goal is to have a persistent application server. When we will be there it'll be easier to prevent concurrent changes to configuration and so we'll use in-place config modifications which will keep permissions on the files. Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
