[clo-devel] project 'trac' directory write access to the project group
Hans Hübner
hans.huebner at gmail.com
Thu Sep 8 05:51:48 UTC 2011
Hi Anton,
presumably, the trac directory has a different group because trac
wants to store files in there (session information, uploads and the
like). Maybe you can find out exactly what the web server needs to
write to (i.e. use trac, see what files and directories change) and
then chgrp those files that the web server needs no write access to.
If you could share your findings, we can make that setup be part of
the standard trac setup.
Thanks!
Hans
On Thu, Sep 8, 2011 at 2:31 AM, Anton Vodonosov <avodonosov at yandex.ru> wrote:
> Hello.
>
> As I see, all the file system content of project directories has the group owner named after the project name.
> Except for the 'trac' subdirectory, which has group owner = 'www-data'.
>
> For example:
>
> # cd /project/cl-openid
> # ls -l
>
> total 16
> drwxrwsr-x 3 mpasternacki cl-openid 4096 Jun 5 04:55 cvsroot
> lrwxrwxrwx 1 postfix cl-openid 30 Sep 24 2008 ftp -> /var/ftp/pub/project/cl-openid
> drwxrwsr-x 4 mpasternacki cl-openid 4096 Aug 16 12:59 public_html
> drwxrwsr-x 7 mpasternacki cl-openid 4096 May 5 2008 svn
> drwxrwsr-x 10 mpasternacki www-data 4096 May 16 2008 trac
>
> In result, the project members other than the directory owner can't use trac-admin or
> edit trac.ini.
>
> Is there a way to overcome this, other than every time assigning the user owner of the
> 'trac' directory to the project member desiring to change the files?
>
> I assume we can't just change the group owner to cl-openid here, because www-data
> needs write access to 'trac' directory (when the trac python code tries to save something
> there).
>
> Best regards,
> - Anton
>
> _______________________________________________
> clo-devel mailing list
> clo-devel at common-lisp.net
> http://lists.common-lisp.net/cgi-bin/mailman/listinfo/clo-devel
>
More information about the clo-devel
mailing list