Date: Fri, 05 Feb 2010 09:42:57 +0100 From: Bernhard Froehlich <decke@bluelife.at> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: freebsd-ports@FreeBSD.org Subject: Re: Redmine files not executable, but log files are executable Message-ID: <7805bd35c38120cb4ca95a8fd1c9e1ec@bluelife.at> In-Reply-To: <4B6B614F.9080107@quip.cz> References: <4B6B614F.9080107@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 05 Feb 2010 01:07:43 +0100, Miroslav Lachman <000.fbsd@quip.cz>
wrote:
> Hi,
>
> I am new to installation of www/redmine from ports. I am surprised that
> all redmine files are not executable. Including files which should be
> executed by startup script etc. (I mean files in script/ directory,
> mainly script/server)
> These files are executables in the original source tar archive.
>
> What is more surprising is that after reinstall or upgrade of redmine,
> there are executable bits set on logfiles, because of recursive chmod in
> redmine/Makefile:
>
> .for f in files log tmp public/plugin_assets
> ${CHMOD} -R 755 ${WWWDIR}/${f}
> .endfor
>
> redmine/# find . -type f -perm +0111 -ls
> 321080 2 -rwxr-xr-x 1 www www 374 May 28 2009
> ./public/plugin_assets/README
> 14111 2 -rwxr-xr-x 1 www www 36 Sep 13 14:10 ./files/delete.me
> 321079 2 -rwxr-xr-x 1 www www 51 May 28 2009
./log/production.log
> 14119 2 -rwxr-xr-x 1 www www 36 Sep 13 14:10 ./log/delete.me
>
>
> I know that the first problem is caused by COPYTREE_SHARE in do-install:
> and I am asking if it is really necesarry to have all files set to 0444,
> I think those few files should be installed executable as in the
> original archive.
> And chmod for directories should be not recursive to not set executable
> bits on files from previous installation.
>
> So my proposal is use chmod without -R on directories only:
>
> .for f in files log tmp tmp/cache tmp/sessions tmp/sockets
> public/plugin_assets
> ${CHMOD} 755 ${WWWDIR}/${f}
> .endfor
>
> And to set 0554 on files in scripts/ directory
>
> .for f in about breakpointer console destroy generate plugin runner
server
> ${CHMOD} 0555 ${WWWDIR}/script/${f}
> .endfor
>
> (and maybe some files in script/performance + script/process too)
>
> What you think about that?
Yes, that's true. All files should be non executable beyond /usr/local/www
so the COPYTREE_SHARE is right but the chmod -R should only be made for
directories and is obviously wrong.
Scripts shouldn't be beyond /usr/local/www. Honestly I've never used one
of
them so I'm not sure if they do work at all. It's probably better to have
them somewhere else but they do use relative paths to include code so they
are obviously not designed to work anywhere else outside of the redmine
paths.
The log directory should be in /var/log/redmine too so it looks like it's
time
to split the redmine directories up and have some deeper thought about the
port.
I don't know what webserver redmine admins expect and how they integrate
it
into their configuration. Personally I've written a startscript that uses
www/rubygem-thin as webserver behind nginx but the out of the box version
is
mongrel. Haven't decided yet what to do but i could write startscripts for
common ruby servers and let the user choose with option he wants.
Thanks for the report and i will have a look at the issues soon.
--
Bernhard Fröhlich
http://www.bluelife.at/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7805bd35c38120cb4ca95a8fd1c9e1ec>