Further repo rules?

[Henri Yandell <fl...@gmail.com>]

I'm working on some more monitor scripting. Here's what I thought I
should be looking for:


1) Anything in an ibiblio-rsync repository with SNAPSHOT in it.
2) Anything in an m1 repository called maven-metadata.xml*.
3) Any directory that is not 775
4) Any maven-metadata.xml file that is not 775
5) Any file that is not 755
6) Any file/dir that does not have a group of apcvs


Report is:

These files should not exist - please delete
============================================
1)       9
2)  123

These have incorrect permissions - should be 775
================================================
3)   952
4) 6884

These have incorrect permissions - should be 755
================================================
5)  65810

These files should be owned by apcvs
====================================
6)   9947


The first two seem like obvious ones to check on - how about the rest?
Should we allow 775 or 664, and any group as an owner?

Hen

Re: Further repo rules?

[Henri Yandell <fl...@gmail.com>]

Talked with infra guys about that - it's a worry because it would have
to run as root and people could just do things like making a symlink
to /etc/passwd.

So I'm going the notification route.

Hen

On 7/19/06, Carlos Sanchez <ca...@apache.org> wrote:
> I would really prefer setting the permissions automatically if
> possible instead of chasing people and get it fixed.
>
> On 7/19/06, Henri Yandell <fl...@gmail.com> wrote:
> > I'm working on some more monitor scripting. Here's what I thought I
> > should be looking for:
> >
> >
> > 1) Anything in an ibiblio-rsync repository with SNAPSHOT in it.
> > 2) Anything in an m1 repository called maven-metadata.xml*.
> > 3) Any directory that is not 775
> > 4) Any maven-metadata.xml file that is not 775
> > 5) Any file that is not 755
> > 6) Any file/dir that does not have a group of apcvs
> >
> >
> > Report is:
> >
> > These files should not exist - please delete
> > ============================================
> > 1)       9
> > 2)  123
> >
> > These have incorrect permissions - should be 775
> > ================================================
> > 3)   952
> > 4) 6884
> >
> > These have incorrect permissions - should be 755
> > ================================================
> > 5)  65810
> >
> > These files should be owned by apcvs
> > ====================================
> > 6)   9947
> >
> >
> > The first two seem like obvious ones to check on - how about the rest?
> > Should we allow 775 or 664, and any group as an owner?
> >
> > Hen
> >
>
>
> --
> I could give you my word as a Spaniard.
> No good. I've known too many Spaniards.
>                              -- The Princess Bride
>

Re: Further repo rules?

[Carlos Sanchez <ca...@apache.org>]

I would really prefer setting the permissions automatically if
possible instead of chasing people and get it fixed.

On 7/19/06, Henri Yandell <fl...@gmail.com> wrote:
> I'm working on some more monitor scripting. Here's what I thought I
> should be looking for:
>
>
> 1) Anything in an ibiblio-rsync repository with SNAPSHOT in it.
> 2) Anything in an m1 repository called maven-metadata.xml*.
> 3) Any directory that is not 775
> 4) Any maven-metadata.xml file that is not 775
> 5) Any file that is not 755
> 6) Any file/dir that does not have a group of apcvs
>
>
> Report is:
>
> These files should not exist - please delete
> ============================================
> 1)       9
> 2)  123
>
> These have incorrect permissions - should be 775
> ================================================
> 3)   952
> 4) 6884
>
> These have incorrect permissions - should be 755
> ================================================
> 5)  65810
>
> These files should be owned by apcvs
> ====================================
> 6)   9947
>
>
> The first two seem like obvious ones to check on - how about the rest?
> Should we allow 775 or 664, and any group as an owner?
>
> Hen
>


-- 
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
                             -- The Princess Bride

Re: Further repo rules?

[Niclas Hedhman <ni...@hedhman.org>]

On Thursday 20 July 2006 05:39, Henri Yandell wrote:
> 4) Any maven-metadata.xml file that is not 775
> 5) Any file that is not 755

Files with x flag set?? Nah... IMHO. 664 & 644 respectively.

Cheers
Niclas