Date: Fri, 05 Feb 2010 09:42:57 +0100 From: Bernhard Froehlich <decke@bluelife.at> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: freebsd-ports@FreeBSD.org Subject: Re: Redmine files not executable, but log files are executable Message-ID: <7805bd35c38120cb4ca95a8fd1c9e1ec@bluelife.at> In-Reply-To: <4B6B614F.9080107@quip.cz> References: <4B6B614F.9080107@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 05 Feb 2010 01:07:43 +0100, Miroslav Lachman <000.fbsd@quip.cz> wrote: > Hi, > > I am new to installation of www/redmine from ports. I am surprised that > all redmine files are not executable. Including files which should be > executed by startup script etc. (I mean files in script/ directory, > mainly script/server) > These files are executables in the original source tar archive. > > What is more surprising is that after reinstall or upgrade of redmine, > there are executable bits set on logfiles, because of recursive chmod in > redmine/Makefile: > > .for f in files log tmp public/plugin_assets > ${CHMOD} -R 755 ${WWWDIR}/${f} > .endfor > > redmine/# find . -type f -perm +0111 -ls > 321080 2 -rwxr-xr-x 1 www www 374 May 28 2009 > ./public/plugin_assets/README > 14111 2 -rwxr-xr-x 1 www www 36 Sep 13 14:10 ./files/delete.me > 321079 2 -rwxr-xr-x 1 www www 51 May 28 2009 ./log/production.log > 14119 2 -rwxr-xr-x 1 www www 36 Sep 13 14:10 ./log/delete.me > > > I know that the first problem is caused by COPYTREE_SHARE in do-install: > and I am asking if it is really necesarry to have all files set to 0444, > I think those few files should be installed executable as in the > original archive. > And chmod for directories should be not recursive to not set executable > bits on files from previous installation. > > So my proposal is use chmod without -R on directories only: > > .for f in files log tmp tmp/cache tmp/sessions tmp/sockets > public/plugin_assets > ${CHMOD} 755 ${WWWDIR}/${f} > .endfor > > And to set 0554 on files in scripts/ directory > > .for f in about breakpointer console destroy generate plugin runner server > ${CHMOD} 0555 ${WWWDIR}/script/${f} > .endfor > > (and maybe some files in script/performance + script/process too) > > What you think about that? Yes, that's true. All files should be non executable beyond /usr/local/www so the COPYTREE_SHARE is right but the chmod -R should only be made for directories and is obviously wrong. Scripts shouldn't be beyond /usr/local/www. Honestly I've never used one of them so I'm not sure if they do work at all. It's probably better to have them somewhere else but they do use relative paths to include code so they are obviously not designed to work anywhere else outside of the redmine paths. The log directory should be in /var/log/redmine too so it looks like it's time to split the redmine directories up and have some deeper thought about the port. I don't know what webserver redmine admins expect and how they integrate it into their configuration. Personally I've written a startscript that uses www/rubygem-thin as webserver behind nginx but the out of the box version is mongrel. Haven't decided yet what to do but i could write startscripts for common ruby servers and let the user choose with option he wants. Thanks for the report and i will have a look at the issues soon. -- Bernhard Fröhlich http://www.bluelife.at/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7805bd35c38120cb4ca95a8fd1c9e1ec>