From: Michael F. <mic...@tr...> - 2010-08-03 02:03:23
|
I would like to have the yaws server write any new files with a umask of 002, so that another user in the yaws group can modify, move, or delete files created by the yaws server. I am running yaws 1.84 on Ubuntu 10.04. I did not find any configuration option for the yaws.conf. I tried adding to the config file /etc/default/yaws umask 002 but did not work. I also tried changing the init script, /etc/init.d/yaws: script="$DAEMON -I $YAWS_ID $@" to script="umask 002; $DAEMON -I $YAWS_ID $@" This did work, but I'm not sure editing the init script is the best way of making this easy to document and configure on multiple machines. I also found a reference to the pam_umask module here (http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask) and edited /etc/pam.d/common-session, adding the line: session optional pam_umask.so umask=022 Then running the command: sudo chfn -o "umask=002" yaws to add a umask setting to /etc/passwd. This also worked, but only for non-interactive, non-login shells such as the yaws server daemon. For login shells you need to also remove umask setting from /etc/profile, otherwise it overrides settings made by the pam_umask module. Which is the better way to set the umask for the yaws server? Or is there another way? I have also asked this question on serverfault.com: http://serverfault.com/questions/166176/ways-to-set-umask-on-ubuntu-for-daemon-processes Thanks for any other suggestions, Michael PS: I apologize if this is duplicated, I tried sending a message earlier before subscribing to the list. |
From: Steve V. <vi...@ie...> - 2010-08-03 03:33:04
|
On Mon, Aug 2, 2010 at 9:45 PM, Michael Foley <mic...@tr...> wrote: > I would like to have the yaws server write any new files with a umask of > 002, so that another user in the yaws group can modify, move, or delete > files created by the yaws server. I am running yaws 1.84 on Ubuntu > 10.04. > > I did not find any configuration option for the yaws.conf. > > I tried adding to the config file /etc/default/yaws > umask 002 > but did not work. > > I also tried changing the init script, /etc/init.d/yaws: > script="$DAEMON -I $YAWS_ID $@" > to > script="umask 002; $DAEMON -I $YAWS_ID $@" > This did work, but I'm not sure editing the init script is the best way > of making this easy to document and configure on multiple machines. As far as implementing this in yaws itself goes, I believe modifying the yaws script is the only viable way of doing this. Setting it in the config file doesn't help because as far as I know there are no facilities within Erlang for setting a process umask (though if you're using R13B04 or later you can easily write a NIF to do it -- the code is trivial). I have a patch ready that adds a --umask option to the yaws startup script, but I'd like to wait until Klacke offers his opinion that it's the right way to go before I push it to github. --steve |
From: Claes W. <kl...@ta...> - 2010-08-03 05:01:15
|
On 08/03/2010 05:32 AM, Steve Vinoski wrote: > I have a patch ready that adds a --umask option to the yaws startup > script, but I'd like to wait until Klacke offers his opinion that it's > the right way to go before I push it to github. > That is indeed exactly the right way to go about it. /klacke |
From: Steve V. <vi...@ie...> - 2010-08-03 05:17:10
|
On Tue, Aug 3, 2010 at 1:01 AM, Claes Wikstrom <kl...@ta...> wrote: > On 08/03/2010 05:32 AM, Steve Vinoski wrote: > >> I have a patch ready that adds a --umask option to the yaws startup >> script, but I'd like to wait until Klacke offers his opinion that it's >> the right way to go before I push it to github. >> > > That is indeed exactly the right way to go about it. Great, I pushed the changes up. --steve |