Closed Bug 144285 Opened 22 years ago Closed 22 years ago

checksetup.pl fails to set data dir (and other dir) permissions properly

Categories

(Bugzilla :: Installation & Upgrading, defect)

Product:
Bugzilla
Component:
Installation & Upgrading
Platform:
All
Linux
Type:
defect
Priority:
Not set
Severity:
blocker

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.16

People

(Reporter: michael, Assigned: bbaetz)

Details

(Whiteboard: want for 2.16rc2)

Attachments

(1 file, 4 obsolete files)

v5
1.08 KB, patch
justdave
: review+
myk
: review+
Details | Diff | Splinter Review 
On a clean installation (tar xzvf) of 2.61rc1, I do the following (Debian woody):

# checksetup.pl
(localconfig created)
# vi localconfig
(edit bug db password, change $webservergroup to www-data)
# checksetup.pl 
(finish setup)

Now, when I access index.cgi, I get the following error:

Software error:
Can't create data/params.22949 at defparams.pl line 59.

Looking at the data directory, it's owned by root:root, mode 771.  This probably explains the problem.
Target Milestone: --- → Bugzilla 2.16
Doh. We need to fixPerms data, not just chmod it. jp: does this affect that
other patch, too?
No idea if this helps, but this is what I found:

When I tried to reproduce with 2.14.1 BRANCH code, checksetup chgrp()ed
everything in the directory, including data to the user I specified in
webservergroup, although it did NOT do so to all (any?) of the files *in* data/

But, justdave commented on IRC that the patch we're backporting to the
2.14.1-BRANCH might have been what broke it... so...
2.14 didn't change naything inside data, IIRC.
Attached patch v1 (obsolete) — Splinter Review 
fixPerms 'data' and 'graphs'
-> me
Assignee: zach → bbaetz
Keywords: patch, review
Comment on attachment 84155 [details] [diff] [review]
v1

r= justdave
Attachment #84155 - Flags: review+
Attached patch v2 (obsolete) — Splinter Review 
The previous patch didn't change the permissions of the data directory itself;
only the contents.  This patch fixes that.
Err. That patch is then recursive in the case where we do have a webservergroup.
We don't want to change the contents of the data directory, do we?
Attached patch v3 (obsolete) — Splinter Review 
I don't think we want to change permissions/ownership on the contents of the
directory, at least not at this point (we may want to reconsider this for
2.17), but we do want to change the ownership of the directory itself.	The
problem is that fixPerms doesn't do that, but the fix is simple.  Here's a
combination of bbaetz' patch (v1) and a fix to make fixPerms always change the
permissions of the file(s) it gets handed whether they are actual files or
directories.
Attached patch v4 (obsolete) — Splinter Review 
Same as v3 but with a redundant chown removed.
Attachment #84819 - Attachment is obsolete: true
Comment on attachment 84155 [details] [diff] [review]
v1

This is the right fix, although incomplete since a bug in fixPerms prevents it
from working right.  r=myk on this part of the fix.
Attachment #84155 - Flags: review+
Comment on attachment 84821 [details] [diff] [review]
v4

r= justdave

looks good to me.  What was the bug in fixPerms?  Looks like it was set to only
chown a directory if it was going to be recursed (which we weren't doing with
data).	You fixed that, by the look of it, so it always chowns a directory
whether we're planning to recurse it or not.
Attachment #84821 - Flags: review+
Comment on attachment 84821 [details] [diff] [review]
v4

Theres the comment:

# do not change permissions on directories here unless $do_dirs is set

which you seem to be ignoring, now. Any idea why the comment was added? I don't
have a problem with changing it (in which case you should remove the comment,
too), but someone must have had a reason at some point...
What is do_dirs supposed to do?
$do_dirs tells it to recurse a directory.  If directories are found inside the
list of files matched, it recurses them and does everything inside them, too.

I think the intent was that if you did fixPerms(glob "*") or whatever that it
wouldn't change permissions on directories that were found inside the loop.
(Which is correctly what it should be doing so we don't muck with the CVS
directory for example).

So what actually needs to happen here is it needs to keep track of whether it
was called only with that directory or if the directory was obtained as part of
a glob.  If it was referenced explicitly, then change permissions on it, if it
was part of a glob, ignore it.
Whiteboard: want for 2.16rc2
Attachment #84155 - Attachment is obsolete: true
OK, well, with this patch, it appers to chown non recursed directories, but not
chmod them ...  I don't see why this would be the case - you might need an extra
branch of the if.

If you're going to change the behaviour of do_dirs to do the dir but not recurse
it you should check all call sites.  But personally, I'm not sure why we would
want to change the behaviour to make it possible to not recurse.  Or even why we
need to have an option at all.

CVS shouldn't be a problem, it is already handled especially in that code.

Also, why doesn't data have do_dirs, in either case?
data shouldn't have do-dirs because we set the permissions of stuff under there
specially.
Then please rename do_dirs to recurse.
Bleh.

Maybe we should just chown data directly, rather than fuss with all this at this
stage?
Sounds like a good plan to me, Brad.
Attached patch v5Splinter Review 
OK, take 5!
Attachment #84523 - Attachment is obsolete: true
Attachment #84821 - Attachment is obsolete: true
Comment on attachment 86000 [details] [diff] [review]
v5

r= justdave
Attachment #86000 - Flags: review+
Comment on attachment 86000 [details] [diff] [review]
v5

r=myk

Moving right along.
Attachment #86000 - Flags: review+
Checked in, trunk + branch:

Checking in checksetup.pl;
/cvsroot/mozilla/webtools/bugzilla/checksetup.pl,v  <--  checksetup.pl
new revision: 1.154; previous revision: 1.153
done

Checking in checksetup.pl;
/cvsroot/mozilla/webtools/bugzilla/checksetup.pl,v  <--  checksetup.pl
new revision: 1.149.2.5; previous revision: 1.149.2.4
done
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: