[Clipart] 0.15 Release
jon at rejon.org
Thu Jul 7 23:55:09 PDT 2005
On Fri, 2005-07-08 at 09:29 +0300, Nicu Buculei wrote:
> Jonadab the Unsightly One wrote:
> > Jon Phillips <jon at rejon.org> writes:
> > [Write permissions on incoming folder]
> >>Really, this needs to be changed. Jonadab, can you do this?
> > I don't understand ACLs well enough.
> > Also, right now I can't log in, because the system with my private key
> > on it isn't booting. But even if I resolve that, I still don't have
> > the Access-Control-List foo to solve this one. The directory has
> > clipart as its group and is chmod g+rwx, so it just about has to be an
> > ACL issue. I don't grok ACLs, and have just been using getfacl and
> > setfacl to copy the old ACL from the previous incoming directory each
> > time.
> indeed, the directory has the correct permissions:
> drwxrwxr-x+ 2 jonadab clipart 4096 2005-07-07 11:58 incoming
> but the files inside it not:
> -rwxrwxr--+ 1 www-data www-data 15273 2005-07-04 01:17 goat_simmy_01.gif
> -rwxrwxr--+ 1 www-data www-data 1509 2005-07-04 01:17 goat_simmy_01.rdf
> and this is expected, because the files are saved here by Apache and
> have the apache user and group (www-data).
> files inside a directory does not automatically inherit ACLs from the
> directory, they have ACLs from the use who write them
> as a consequence, I can rename "incoming" to "incoming-pre-0.16", but
> the only thing allowed to "goat_simmy_01.gif" is to read it.
You could just write a script to have the webserver delete the file you
would like too...
This should be filed with the fdo site wranglers to get them to add user
www-data to the clipart group and then change all the files in the
chown -R www-data:clipart incoming_folder_whatever_its_name
Or, we should just modify this with a non-existent web based tool (aka,
this needs to be built). I would almost rule in favor of the 2nd
USA PH 510.499.0894
jon at rejon.org
Open Clip Art Library (www.openclipart.org)
More information about the clipart