Opened 10 years ago

Closed 10 years ago

#448 closed defect (fixed)

All files should be owned by root, and writable by all

Reported by: camerons Owned by: live-demo@…
Priority: major Milestone:
Component: OSGeoLive Keywords:
Cc:

Description

Stefan Hansen wrote:

Hi all!

I played in the last couple of days a bit with generating an ISO-image from the VM and ran into a few problems.

One of them is that some install-scripts change the owner of some files outside $HOME to "user". Unfortunately this doesn't go well when you boot from the LiveDVD. The original "user" is deleted, when the ISO is generated, and a new user is created during the boot process (apparently that is the way things have to be). Files that belonged to the old "user" belong on the LiveDVD to the uid=1000, but the new user has the uid=999. Therefore, the new user cannot write these files and some applications won't work (so far I had problems with Geoserver and Degree, but I haven't tested all applications). So Instead of changing the owner of a file or directory, please keep root as owner and just change the access permissions. If you do so, please only change the write-permissions of a file only if you really, really have to. AFAIK everything writable is loaded into the memory, when you boot from the DVD.

cheers, stefan

-- Stefan Hansen Software Engineer LISAsoft

Change history (8)

comment:1 Changed 10 years ago by wildintellect

Here's a report of all the files using the chown command as shown by:

find . -exec grep "chown" '{}' \; -print

If someone has a chance I supposed the recommended replacement is:

chmod a+r <path>
#If you need execute or write
chmod a+xw <path>
chown -R root.users /usr/local/share/gpsdrive/maps
chown -R $USER_NAME:$USER_NAME "$USER_HOME/.gpsdrive"
chown $USER_NAME:$USER_NAME "$USER_HOME/Desktop/gpsdrive.desktop"
./bin/install_gpsdrive.sh
chown -R user:user gisvm
./bin/bootstrap.sh
chown $USER_NAME:$USER_NAME "$USER_HOME/Desktop/geokettle.desktop"
./bin/install_geokettle.sh
chown $USER_NAME:$USER_NAME $USER_HOME/.jump
chown $USER_NAME:$USER_NAME $USER_HOME/.jump/workbench-properties.xml
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/openjump.desktop
./bin/install_openjump.sh
chown user:user /home/user/Desktop/passwords.txt
./bin/setup.sh
chown -R $USER_NAME.$USER_NAME "$USER_HOME/Desktop/qgis.desktop"
./bin/install_qgis.sh
sudo chown -R $USER_NAME:$USER_NAME $GEONETWORK_FOLDER
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/start_geonetwork.desktop
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/stop_geonetwork.desktop
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/geonetwork.desktop
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/GeoNetwork_opensource_v240_Manual.pdf
./bin/install_geonetwork.sh
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/kosmo_1_2_1.desktop
./bin/install_kosmo.sh
chown -R $USER_NAME.$USER_NAME "$USER_HOME/Desktop/qgis.desktop"
./bin/install_qgis.sh~
  chown user:user ~user/Desktop/maptiler.desktop
./bin/install_maptiler.sh
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/uDig.desktop
./bin/install_udig.sh
    chown $USER_NAME:$USER_NAME "/home/$USER_NAME/.$FILE"
./bin/install_postgres.sh
chown $USER_NAME:$USER_NAME $USER_HOME/Desktop/kosmo_2_0_beta.desktop
./bin/install_kosmo_2beta.sh

comment:2 Changed 10 years ago by hamish

I will go through them, but I think all of the ones in ~user/ are harmless.

Unanswered question 1: does the live-iso set the USER account to own anything that is placed in /home/user/? I assume there must be a way to pre-seed files in there besides using /etc/skel/.

Unanswered question 2: if you set the ownership to root.users and then chmod g+w that should be ok, right? As the users group will be statically set to GID 100 regardless of ISO user creation, and belonging to that group is by username in /etc/group, not by UID.

chmod a+xw

try to avoid that if we can.

Hamish

comment:3 Changed 10 years ago by hamish

i.e. is something like this ok:

chmod g+rwX /usr/local/share/grass/
chown root.users /usr/local/share/grass/
adduser $USER_NAME users
ln -s /usr/local/share/grass "$USER_HOME/grassdata"

?, Hamish

comment:4 Changed 10 years ago by hamish

Unanswered question 3: if a directory outside of the home dir is g+w, but the files within it are not, does that entire dir get loaded into RAM, or only new files you put in it?

comment:5 in reply to:  2 ; Changed 10 years ago by shansen

Replying to hamish:

I will go through them, but I think all of the ones in ~user/ are harmless.

Unanswered question 1: does the live-iso set the USER account to own anything that is placed in /home/user/? I assume there must be a way to pre-seed files in there besides using /etc/skel/.

So far I'm using /etc/skel. Is there anything wrong with that?

Unanswered question 2: if you set the ownership to root.users and then chmod g+w that should be ok, right? As the users group will be statically set to GID 100 regardless of ISO user creation, and belonging to that group is by username in /etc/group, not by UID.

Sounds good to me. I will test it, next time I build an iso-image. Hopefully, I have time to do that today.

stefan

comment:6 in reply to:  5 ; Changed 10 years ago by hamish

Replying to hamish:

Unanswered question 1: does the live-iso set the USER account to own anything that is placed in /home/user/? I assume there must be a way to pre-seed files in there besides using /etc/skel/.

Replying to shansen:

So far I'm using /etc/skel. Is there anything wrong with that?

I don't think there is anything wrong with it, I'm just thinking that I'd be surprised if the the ISO generating software didn't reset ownership of everything you put in ~user for you automatically, to save you the trouble versus making you use the slightly circuitous & double space wasting /etc/skel/.

Hamish

comment:7 in reply to:  6 Changed 10 years ago by shansen

Replying to hamish:

Replying to hamish:

Unanswered question 1: does the live-iso set the USER account to own anything that is placed in /home/user/? I assume there must be a way to pre-seed files in there besides using /etc/skel/.

Replying to shansen:

So far I'm using /etc/skel. Is there anything wrong with that?

I don't think there is anything wrong with it, I'm just thinking that I'd be surprised if the the ISO generating software didn't reset ownership of everything you put in ~user for you automatically, to save you the trouble versus making you use the slightly circuitous & double space wasting /etc/skel/.

Atm the content of the user's home-folder is copied to /etc/skel and /home/user (because user's not a system user) is deleted. When you boot from the DVD, it creates a new user on the fly using the stuff in /etc/skel.

stefan

comment:8 Changed 10 years ago by camerons

Resolution: fixed
Status: newclosed

As we have already built an ISO successfully, I think the problems raised in this ticket are out of date and hence will not be relevant to release 2.0.3 or 3.0.

Issue closed by camerons.

Note: See TracTickets for help on using tickets.