You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@covalent.net> on 1998/01/26 21:23:39 UTC
Forward: http://www.apache.org/docs/misc/howto.html
I get a "Forbidden" error when I access this page:
http://www.apache.org/docs/misc/howto.html
"You don't have permission to access /docs/misc/howto.html on this
server."
Vern
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Brian Behlendorf <br...@organic.com>.
At 09:47 AM 1/27/98 +0000, Ben Laurie wrote:
>Dean Gaudet wrote:
>> I much prefer systems set up like redhat boxes -- with "user private
>> groups". Every user has a private group containing only that user. Their
>> homedirs are in that group, with g+s set. Then there's absolutely no
>> reason to use a umask other than 002 or 007 because nobody else is in the
>> group that your files default to. But when you work in a shared group
>> directory, which has the g+s bit set (causing new files to default their
>> group to the same as the directory), you'll be guaranteed to set the
>> permissions properly.
>
>Isn't that what FreeBSD does, too?
The "adduser" program does indeed default to creating a group with the same
name as the user being created.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
specialization is for insects brian@organic.com
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Ben Laurie <be...@algroup.co.uk>.
Dean Gaudet wrote:
> I much prefer systems set up like redhat boxes -- with "user private
> groups". Every user has a private group containing only that user. Their
> homedirs are in that group, with g+s set. Then there's absolutely no
> reason to use a umask other than 002 or 007 because nobody else is in the
> group that your files default to. But when you work in a shared group
> directory, which has the g+s bit set (causing new files to default their
> group to the same as the directory), you'll be guaranteed to set the
> permissions properly.
Isn't that what FreeBSD does, too?
Cheers,
Ben.
--
Ben Laurie |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd, |http://www.algroup.co.uk/Apache-SSL
London, England. |"Apache: TDG" http://www.ora.com/catalog/apache
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Dean Gaudet <dg...@arctic.org>.
Or you could do this:
# mv /usr/local/bin/cvs /usr/local/bin/cvs.real
# cat >/usr/local/bin/cvs <<EOF
#!/bin/sh
umask 002
exec cvs.real ${1+"$@"}
EOF
# chmod +x /usr/local/bin/cvs
Because it fixes all the permission problems we have with new directories,
new files, yadda yadda. A umask of 077 is deadly in any situation where
you work in a group.
I much prefer systems set up like redhat boxes -- with "user private
groups". Every user has a private group containing only that user. Their
homedirs are in that group, with g+s set. Then there's absolutely no
reason to use a umask other than 002 or 007 because nobody else is in the
group that your files default to. But when you work in a shared group
directory, which has the g+s bit set (causing new files to default their
group to the same as the directory), you'll be guaranteed to set the
permissions properly.
It's too bad this requires so many changes to so many tools to get it
right.
Dean
On Mon, 26 Jan 1998, Brian Behlendorf wrote:
> At 03:37 PM 1/26/98 -0500, Rodent of Unusual Size wrote:
> >Randy Terbush wrote:
> >>
> >> Subject: http://www.apache.org/docs/misc/howto.html
> >> Date: Mon, 26 Jan 1998 20:01:29 +0000
> >> From: Vern Hart <ve...@hart.com>
> >> To: apache@apache.org
> >>
> >> I get a "Forbidden" error when I access this page:
> >>
> >> http://www.apache.org/docs/misc/howto.html
> >
> >Those are Brian's changes.. Oh, Briii-annnnn.. <g>
>
> Hmm - I did change my umask recently to be 077. I thought umask always
> applied to new files, not existing ones? Aha, but emacs makes new files
> and renames them. Okay, I'll watch permissions better next time. I did
> catch that this was happening earlier and fixed most cases, looks like I
> missed one or two.
>
> Brian
>
>
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> specialization is for insects brian@organic.com
>
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Brian Behlendorf <br...@organic.com>.
At 03:37 PM 1/26/98 -0500, Rodent of Unusual Size wrote:
>Randy Terbush wrote:
>>
>> Subject: http://www.apache.org/docs/misc/howto.html
>> Date: Mon, 26 Jan 1998 20:01:29 +0000
>> From: Vern Hart <ve...@hart.com>
>> To: apache@apache.org
>>
>> I get a "Forbidden" error when I access this page:
>>
>> http://www.apache.org/docs/misc/howto.html
>
>Those are Brian's changes.. Oh, Briii-annnnn.. <g>
Hmm - I did change my umask recently to be 077. I thought umask always
applied to new files, not existing ones? Aha, but emacs makes new files
and renames them. Okay, I'll watch permissions better next time. I did
catch that this was happening earlier and fixed most cases, looks like I
missed one or two.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
specialization is for insects brian@organic.com
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Marc Slemko <ma...@worldgate.com>.
Fixed.
On Mon, 26 Jan 1998, Rodent of Unusual Size wrote:
> Randy Terbush wrote:
> >
> > Subject: http://www.apache.org/docs/misc/howto.html
> > Date: Mon, 26 Jan 1998 20:01:29 +0000
> > From: Vern Hart <ve...@hart.com>
> > To: apache@apache.org
> >
> > I get a "Forbidden" error when I access this page:
> >
> > http://www.apache.org/docs/misc/howto.html
>
> Those are Brian's changes.. Oh, Briii-annnnn.. <g>
>
> #ken P-)}
>
Re: Forward: http://www.apache.org/docs/misc/howto.html
Posted by Rodent of Unusual Size <Ke...@Golux.Com>.
Randy Terbush wrote:
>
> Subject: http://www.apache.org/docs/misc/howto.html
> Date: Mon, 26 Jan 1998 20:01:29 +0000
> From: Vern Hart <ve...@hart.com>
> To: apache@apache.org
>
> I get a "Forbidden" error when I access this page:
>
> http://www.apache.org/docs/misc/howto.html
Those are Brian's changes.. Oh, Briii-annnnn.. <g>
#ken P-)}