https://pulp.plan.io/https://pulp.plan.io/favicon.ico2020-09-04T14:43:19ZPulpPulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=619722020-09-04T14:43:19Zfao89
<ul><li><strong>Triaged</strong> changed from <i>No</i> to <i>Yes</i></li><li><strong>Sprint</strong> set to <i>Sprint 81</i></li></ul> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=619802020-09-04T14:50:42Zmdepaulo@redhat.com
<ul></ul><p>We were discussing possible solutions on #pulp-meeting:</p>
<ol>
<li>Setting group write on /var/lib/pulp/exports/ (or whatever dirs for allowed_exports_paths) is not sufficient because it will not apply to created directories under it.</li>
<li>Setting an ACL for group write <strong>default</strong> (default ACL is like "inherited") in the installer would solve the problem easily, but users using ext2,3,4 will need to have ACLs enabled in /etc/fstab . And NFSv3 won't support it at all.</li>
<li>umask for the process would solve the problem, but is this feasible?</li>
<li>Updating the application logic to set the perms would solve the problem.</li>
</ol> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=619852020-09-04T15:11:22Zggainey
<ul></ul><p><a href="mailto:mdepaulo@redhat.com" class="email">mdepaulo@redhat.com</a> wrote:</p>
<blockquote>
<p>We were discussing possible solutions on #pulp-meeting:</p>
<ol>
<li>Setting group write on /var/lib/pulp/exports/ (or whatever dirs for allowed_exports_paths) is not sufficient because it will not apply to created directories under it.</li>
<li>Setting an ACL for group write <strong>default</strong> (default ACL is like "inherited") in the installer would solve the problem easily, but users using ext2,3,4 will need to have ACLs enabled in /etc/fstab . And NFSv3 won't support it at all.</li>
<li>umask for the process would solve the problem, but is this feasible?</li>
<li>Updating the application logic to set the perms would solve the problem.</li>
</ol>
</blockquote>
<p>exporters write to whatever directory is specified for them at creation/update time - we don't know it at install-time, it's entirely possible to define ALLOWED_EXPORT_DIRS as ['/']</p>
<p>It "makes sense" (for whatever that is worth :) ) to me that the application insures that, <strong>if</strong> it has to createa directory to export-to, it insures that the end result is a directory that both the app-owner and app-group have write-access to.</p> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=622212020-09-10T20:20:56Zpulpbot
<ul><li><strong>Status</strong> changed from <i>NEW</i> to <i>POST</i></li></ul><p>PR: <a href="https://github.com/pulp/pulpcore/pull/899" class="external">https://github.com/pulp/pulpcore/pull/899</a></p> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=622752020-09-14T20:22:01Zggainey
<ul><li><strong>Status</strong> changed from <i>POST</i> to <i>MODIFIED</i></li></ul><p>Applied in changeset <a class="changeset" title="When export creates a dir, make sure the group can write to it. closes #7459" href="https://pulp.plan.io/projects/pulp/repository/pulpcore/revisions/43f50f7570eae475410a57be5dc8b3b31614fc71">pulpcore|43f50f7570eae475410a57be5dc8b3b31614fc71</a>.</p> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=626052020-09-22T17:44:11Zbmbouterbmbouter@redhat.com
<ul><li><strong>Sprint/Milestone</strong> set to <i>3.7.0</i></li></ul> Pulp - Issue #7459: Make the pulp exporter directories rwx for pulp grouphttps://pulp.plan.io/issues/7459?journal_id=626252020-09-22T19:21:34Zpulpbot
<ul><li><strong>Status</strong> changed from <i>MODIFIED</i> to <i>CLOSED - CURRENTRELEASE</i></li></ul>