[Clipart] 0.15 Release

Jon Phillips jon at rejon.org
Thu Jul 7 23:55:09 PDT 2005 

On Fri, 2005-07-08 at 09:29 +0300, Nicu Buculei wrote:
> Jonadab the Unsightly One wrote:
> > Jon Phillips <jon at rejon.org> writes:
> > 
> > [Write permissions on incoming folder]
> > 
> > 
> >>Really, this needs to be changed. Jonadab, can you do this?
> > 
> > 
> > I don't understand ACLs well enough.
> > 
> > Also, right now I can't log in, because the system with my private key
> > on it isn't booting.  But even if I resolve that, I still don't have
> > the Access-Control-List foo to solve this one.  The directory has
> > clipart as its group and is chmod g+rwx, so it just about has to be an
> > ACL issue.  I don't grok ACLs, and have just been using getfacl and
> > setfacl to copy the old ACL from the previous incoming directory each
> > time.
> 
> indeed, the directory has the correct permissions:
> drwxrwxr-x+  2 jonadab  clipart       4096 2005-07-07 11:58 incoming
> 
> but the files inside it not:
> -rwxrwxr--+ 1 www-data www-data  15273 2005-07-04 01:17 goat_simmy_01.gif
> -rwxrwxr--+ 1 www-data www-data   1509 2005-07-04 01:17 goat_simmy_01.rdf
> 
> and this is expected, because the files are saved here by Apache and 
> have the apache user and group (www-data).
> 
> files inside a directory does not automatically inherit ACLs from the 
> directory, they have  ACLs from the use who write them
> 
> as a consequence, I can rename "incoming" to "incoming-pre-0.16", but 
> the only thing allowed to "goat_simmy_01.gif" is to read it.

You could just write a script to have the webserver delete the file you
would like too...

This should be filed with the fdo site wranglers to get them to add user
www-data to the clipart group and then change all the files in the
incoming:

	chown -R www-data:clipart incoming_folder_whatever_its_name

Or, we should just modify this with a non-existent web based tool (aka,
this needs to be built). I would almost rule in favor of the 2nd
solution.

Jon

-- 
Jon Phillips

USA PH 510.499.0894
jon at rejon.org
http://www.rejon.org

Inkscape (http://inkscape.org)
Open Clip Art Library (www.openclipart.org)

More information about the clipart mailing list