Modifying cleancvs.sh to accomodate permission issues?

Gerard Beekmans gerard at linuxfromscratch.org
Thu Oct 9 08:44:29 PDT 2003


On Thu, 2003-10-09 at 09:36, Mark Hymers wrote:
> To be honest I'd think it should be two seperate scripts.

I was thinking we will probably have more directories and files to
ensure proper permissions on. Creating different scripts to do the
essential same thing (running chmod and chgrp on things) seems to be a
bit much. We can write the script in "sections" if you will so we don't
mix and match chmod/chgrp commands. Start with CVS stuff, then when CVS
is done, do the websites, when that's done, do whatever else we think of
in the future.

> Also, I'd be tempted (as I mentioned the other day) to use a different
> unprivileged user to store the website info.  You could give the
> relevant people sudo permissions to allow them to run that script as the
> right user (in case it has to be forced in between cron runs).

sudo isn't installed on the server. I never liked sudo much (that's a
whole different discussion so I won't go into that right now) but I
could install it if really needed. I rather just keep thing simple,
though. Run a script every so often that chgrp's and chmod's and be done
with it.

Because, there are things done manually such as symlinks in the patches
directory. That's just easier if somebody can run 'ln -s" without having
to write a wrapper script around it that runs the script as user 'httpd'
or whatever user. If a wrapper script isn't used, we will need a script
running as root to chown the files to 'httpd' or somebody, then chmod
and chgrp it, so I don't think we can really get away from a
fix-permissions.sh script ala cleancvs.sh to ensure for one hundred
precent that all is well at any given time, no matter how or who made a
previous update.

-- 
Gerard Beekmans
http://www.linuxfromscratch.org
http://www.beekmansworld.com

/* Linux Consultant --- OSDN / DevChannel *
 * Technical Writer --- CheapBytes        */

/* If Linux doesn't have the solution, you have the wrong problem */





More information about the website mailing list