[ccp4bb] Permissions and ownerships in ccp4 6.2.0
Hello, version 6.2.0 of ccp4 has strange permissions set to several setup/configuration scripts which are read while sourcing ccp4.setup. For a long time, ccp4 packages have been distributed with some arbitrary file and directory ownerships which users are obviously supposed to edit to meet their needs. On unix/linux workstations, we usually install under /usr/local and change all ownerships to root.root (default practice for third-party software). Up to now, this has not caused any problems. In version 6.2.0, however, ccp4.setup has permissions rwx r-- --- which makes it unreadable (and un-sourcable) for ordinary users! Strangely, ccp4-others.setup has the usual permissions rwx r-x r-x (although rw- r-- r-- should be sufficient for sourcing). After rectifying the permissions of ccp4.setup, additional errors appear, concerning permissions of several scripts in the xia2 and phaser trees: ccp4-6.2.0/share/xia2/setup.csh ccp4-6.2.0/share/xia2/xia2core/setup.csh ccp4-6.2.0/share/xia2/xia2/setup.csh ccp4-6.2.0/src/phaser/bin/machine_type ccp4-6.2.0/src/phaser/conf/version.csh All these files have the same problematic permissions as ccp4.setup. After fixing them, ccp4.setup can be sourced without errors. The bad thing is that there may be many more issues of this kind, which will only surface when trying to run a specific ccp4 program... Maybe the developers or packagers could comment on this issue. It looks like this ccp4 version is supposed to be installed in a user's home directory, so that he/she can take ownership of all the files. While in general there is nothing wrong with this type of installation, it should _NOT_ be considered the default on unix-type (i.e. multi-user) operating systems. Best regards, Oliver PD Dr. Oliver H. Weiergräber Institute of Complex Systems ICS-6: Structural Biochemistry Tel.: +49 2461 61-2028 Fax: +49 2461 61-1448 Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
Dear Oliver and others, an alternative way of installing system-wide third party software is with a non-root account that is in the same group as all the users. Use that account to install software centrally and initialize in each user's .bashrc. (Root is used only for administrative tasks on the local machines and installation of RPMs.) Users can use all the software but have no permission to tinker with it and potentially screw it up. Still, with this setup, there's a problem with ccp4 6.2. ccp4-6.2.0/src/phaser/bin/machine_type needs to be made executable for the group. Andreas On 19/07/2011 11:25, Weiergräber, Oliver H. wrote: Hello, version 6.2.0 of ccp4 has strange permissions set to several setup/configuration scripts which are read while sourcing ccp4.setup. For a long time, ccp4 packages have been distributed with some arbitrary file and directory ownerships which users are obviously supposed to edit to meet their needs. On unix/linux workstations, we usually install under /usr/local and change all ownerships to root.root (default practice for third-party software). Up to now, this has not caused any problems. In version 6.2.0, however, ccp4.setup has permissions rwx r-- --- which makes it unreadable (and un-sourcable) for ordinary users! Strangely, ccp4-others.setup has the usual permissions rwx r-x r-x (although rw- r-- r-- should be sufficient for sourcing). After rectifying the permissions of ccp4.setup, additional errors appear, concerning permissions of several scripts in the xia2 and phaser trees: ccp4-6.2.0/share/xia2/setup.csh ccp4-6.2.0/share/xia2/xia2core/setup.csh ccp4-6.2.0/share/xia2/xia2/setup.csh ccp4-6.2.0/src/phaser/bin/machine_type ccp4-6.2.0/src/phaser/conf/version.csh All these files have the same problematic permissions as ccp4.setup. After fixing them, ccp4.setup can be sourced without errors. The bad thing is that there may be many more issues of this kind, which will only surface when trying to run a specific ccp4 program... Maybe the developers or packagers could comment on this issue. It looks like this ccp4 version is supposed to be installed in a user's home directory, so that he/she can take ownership of all the files. While in general there is nothing wrong with this type of installation, it should _NOT_ be considered the default on unix-type (i.e. multi-user) operating systems. Best regards, Oliver PD Dr. Oliver H. Weiergräber Institute of Complex Systems ICS-6: Structural Biochemistry Tel.: +49 2461 61-2028 Fax: +49 2461 61-1448 Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt -- Andreas Förster, Research Associate Paul Freemont Xiaodong Zhang Labs Department of Biochemistry, Imperial College London http://www.msf.bio.ic.ac.uk
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
We are working to relax the permissions on the files to rwx r-x r-x Charles Ballard CCP4 On 19 Jul 2011, at 11:25, Weiergräber, Oliver H. wrote: Hello, version 6.2.0 of ccp4 has strange permissions set to several setup/configuration scripts which are read while sourcing ccp4.setup. For a long time, ccp4 packages have been distributed with some arbitrary file and directory ownerships which users are obviously supposed to edit to meet their needs. On unix/linux workstations, we usually install under /usr/local and change all ownerships to root.root (default practice for third-party software). Up to now, this has not caused any problems. In version 6.2.0, however, ccp4.setup has permissions rwx r-- --- which makes it unreadable (and un-sourcable) for ordinary users! Strangely, ccp4-others.setup has the usual permissions rwx r-x r-x (although rw- r-- r-- should be sufficient for sourcing). After rectifying the permissions of ccp4.setup, additional errors appear, concerning permissions of several scripts in the xia2 and phaser trees: ccp4-6.2.0/share/xia2/setup.csh ccp4-6.2.0/share/xia2/xia2core/setup.csh ccp4-6.2.0/share/xia2/xia2/setup.csh ccp4-6.2.0/src/phaser/bin/machine_type ccp4-6.2.0/src/phaser/conf/version.csh All these files have the same problematic permissions as ccp4.setup. After fixing them, ccp4.setup can be sourced without errors. The bad thing is that there may be many more issues of this kind, which will only surface when trying to run a specific ccp4 program... Maybe the developers or packagers could comment on this issue. It looks like this ccp4 version is supposed to be installed in a user's home directory, so that he/she can take ownership of all the files. While in general there is nothing wrong with this type of installation, it should _NOT_ be considered the default on unix-type (i.e. multi-user) operating systems. Best regards, Oliver PD Dr. Oliver H. Weiergräber Institute of Complex Systems ICS-6: Structural Biochemistry Tel.: +49 2461 61-2028 Fax: +49 2461 61-1448 Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender), Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
While we're on the subject of issues with the ccp4 6.20 distribution, I've had a problem with the Mac OS X package installer. It seems to be missing the ccp4i executable. Launching the application gives the following error: 19/07/2011 13:04:02 [0x0-0x269269].com.yourcompany.ccp4[17160] /Applications/ccp4-6.2.0/ccp4.app/Contents/Resources/ccp4.sh: line 202: /Applications/ccp4-6.2.0/bin/ccp4i: No such file or directory I've searched what gets installed in /Applications/ccp4-6.20 and there is no ccp4i. The package installer also has the aforementioned issues with script permissions. Regards, Chris -- Dr Chris Richardson :: Sysadmin, structural biology, icr.ac.uk The Institute of Cancer Research: Royal Cancer Hospital, a charitable Company Limited by Guarantee, Registered in England under Company No. 534147 with its Registered Office at 123 Old Brompton Road, London SW7 3RP. This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer and network.
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
Dear all, ideally, permissions should be either rw-r--r-- (0644) or (for files that need to be executed as well as directories) rwxr-xr-x (0755) One quick fix: find . -type d -exec chmod -v 0755 {} ; find . -type f -exec chmod -v 0755 {} ; but that last command makes every single file executable, which is rather ugly (but doing a selective chmod 0755/0644 is a bit tricky with all those script files - some need to be executed but others arent). I don't see a need to have read-only files like all the CIF dictionaries with permission 0755. The correct permissions can only be set during packaging unfortunately. Cheers Clemens -- *** * Clemens Vonrhein, Ph.D. vonrhein AT GlobalPhasing DOT com * * Global Phasing Ltd. * Sheraton House, Castle Park * Cambridge CB3 0AX, UK *-- * BUSTER Development Group (http://www.globalphasing.com) ***
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
Dear all, or use a modified version of Clemens's commands for that: find . -perm 700 -exec chmod 755 {} \; find . -perm 750 -exec chmod 755 {} \; find . -perm 600 -exec chmod 644 {} \; find . -perm 640 -exec chmod 644 {} \; Best regards, Dirk. Am 19.07.11 14:34, schrieb Clemens Vonrhein: Dear all, ideally, permissions should be either rw-r--r-- (0644) or (for files that need to be executed as well as directories) rwxr-xr-x (0755) One quick fix: find . -type d -exec chmod -v 0755 {} ; find . -type f -exec chmod -v 0755 {} ; but that last command makes every single file executable, which is rather ugly (but doing a selective chmod 0755/0644 is a bit tricky with all those script files - some need to be executed but others arent). I don't see a need to have read-only files like all the CIF dictionaries with permission 0755. The correct permissions can only be set during packaging unfortunately. Cheers Clemens -- *** Dirk Kostrewa Gene Center Munich, A5.07 Department of Biochemistry Ludwig-Maximilians-Universität München Feodor-Lynen-Str. 25 D-81377 Munich Germany Phone: +49-89-2180-76845 Fax:+49-89-2180-76999 E-mail: kostr...@genzentrum.lmu.de WWW:www.genzentrum.lmu.de ***
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
Another option is to use the recursive feature of chmod to change the permissions on the files. E.g. chmod -R a+rX . which will recursively add read for all users to files (and directories) and will also add execute if the file is a directory or if it already has at least one execute bit set. Regards, Mitch From: CCP4 bulletin board [CCP4BB@JISCMAIL.AC.UK] On Behalf Of Dirk Kostrewa [kostr...@genzentrum.lmu.de] Sent: Tuesday, July 19, 2011 6:14 AM To: CCP4BB@JISCMAIL.AC.UK Subject: Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0 Dear all, or use a modified version of Clemens's commands for that: find . -perm 700 -exec chmod 755 {} \; find . -perm 750 -exec chmod 755 {} \; find . -perm 600 -exec chmod 644 {} \; find . -perm 640 -exec chmod 644 {} \; Best regards, Dirk. Am 19.07.11 14:34, schrieb Clemens Vonrhein: Dear all, ideally, permissions should be either rw-r--r-- (0644) or (for files that need to be executed as well as directories) rwxr-xr-x (0755) One quick fix: find . -type d -exec chmod -v 0755 {} ; find . -type f -exec chmod -v 0755 {} ; but that last command makes every single file executable, which is rather ugly (but doing a selective chmod 0755/0644 is a bit tricky with all those script files - some need to be executed but others arent). I don't see a need to have read-only files like all the CIF dictionaries with permission 0755. The correct permissions can only be set during packaging unfortunately. Cheers Clemens -- *** Dirk Kostrewa Gene Center Munich, A5.07 Department of Biochemistry Ludwig-Maximilians-Universität München Feodor-Lynen-Str. 25 D-81377 Munich Germany Phone: +49-89-2180-76845 Fax:+49-89-2180-76999 E-mail: kostr...@genzentrum.lmu.de WWW:www.genzentrum.lmu.de ***
Re: [ccp4bb] Permissions and ownerships in ccp4 6.2.0
but that last command makes every single file executable, which is rather ugly (but doing a selective chmod 0755/0644 is a bit tricky I was wondering about having every file executable in the source distributions a while back, and came up with an quick way to make it less ugly (inline due to attachment filtering on my end): ## #!/usr/bin/env bash noexe() { local fn=$1 local pfx=`echo $fn | cut -c -3` #don't mess with mercurial store; adjust as needed for different # vcs if [ $pfx = .hg ]; then return fi local ft=`file $fn | grep exe` if [ $ft = ]; then #not supposed to be executable, fix it chmod -x $fn fi } #using while loop rather than find -exec because -exec doesn't # recognize bash functions. find . -type f |while read i; do noexe $i ; done with all those script files - some need to be executed but others arent). I don't see a need to have read-only files like all the CIF dictionaries with permission 0755. The correct permissions can only be set during packaging unfortunately. Cheers Clemens