You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Nick Bailey (JIRA)" <ji...@apache.org> on 2012/06/18 23:14:42 UTC
[jira] [Created] (CASSANDRA-4355) Better debian packaging
permissions
Nick Bailey created CASSANDRA-4355:
--------------------------------------
Summary: Better debian packaging permissions
Key: CASSANDRA-4355
URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
Project: Cassandra
Issue Type: Bug
Reporter: Nick Bailey
The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Bailey updated CASSANDRA-4355:
-----------------------------------
Attachment: 0001-Better-permissions-in-deb-package-v2.patch
After talking offline, decided the only thing to do for this ticket is to correctly chown the /etc/cassandra directory
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Attachments: 0001-Better-permissions-in-deb-package-v2.patch, 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Brandon Williams (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brandon Williams updated CASSANDRA-4355:
----------------------------------------
Reviewer: thepaul
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Attachments: 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Bailey updated CASSANDRA-4355:
-----------------------------------
Attachment: 0001-Better-permissions-in-deb-package.patch
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Attachments: 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Bailey updated CASSANDRA-4355:
-----------------------------------
Fix Version/s: 1.2
1.1.2
1.0.11
0.8.11
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Fix For: 0.8.11, 1.0.11, 1.1.2, 1.2
>
> Attachments: 0001-Better-permissions-in-deb-package-v2.patch, 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396292#comment-13396292 ]
Nick Bailey commented on CASSANDRA-4355:
----------------------------------------
Actually I was wrong. The 'cassandra:' syntax does make the cassandra group the group for the files. The addition of /etc/cassandra and /usr/share/cassandra is still desirable though.
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Attachments: 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396296#comment-13396296 ]
Nick Bailey commented on CASSANDRA-4355:
----------------------------------------
I'm also wondering if there are any generally accepted practices regarding giving the cassandra group itself write permissions to these directories/files.
>From the perspective of someone writing a monitoring application, I would like to be able to have our packaging create its own user and add that user to the cassandra group, and at that point have read/write access to configuration files/snapshots/other things.
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Attachments: 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "Nick Bailey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Bailey updated CASSANDRA-4355:
-----------------------------------
Assignee: Nick Bailey
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (CASSANDRA-4355) Better debian packaging
permissions
Posted by "paul cannon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CASSANDRA-4355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13397835#comment-13397835 ]
paul cannon commented on CASSANDRA-4355:
----------------------------------------
I thought the outcome of the discussion was that the monitoring application should probably chgrp /etc/cassandra on its own, and add its own user to that group.
I'm -1 on cassandra having write permissions on its own config, unless it's config intended to be written and updated by software (in which case it should go in /var).
> Better debian packaging permissions
> -----------------------------------
>
> Key: CASSANDRA-4355
> URL: https://issues.apache.org/jira/browse/CASSANDRA-4355
> Project: Cassandra
> Issue Type: Bug
> Reporter: Nick Bailey
> Assignee: Nick Bailey
> Fix For: 0.8.11, 1.0.11, 1.1.2, 1.2
>
> Attachments: 0001-Better-permissions-in-deb-package-v2.patch, 0001-Better-permissions-in-deb-package.patch
>
>
> The debian package creates a cassandra user for the process to run as. It chowns /var/lib/cassandra and /var/log/cassandra, but it doesn't grant group level access to these files. It should do a 'chown cassandra:cassandra ...' so that users in the cassandra group can also access those files. Also we should chown /etc/cassandra and any other files/directories created.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira