Replies: 3 comments 3 replies
-
|
Hi Derrick,
First remark that this is a a very old version and is not supported
any more. We also have Debian and I just install the debian community
packages via cfengine website (3.21.3)
Secondly you do not set the `mog` in your example. So it is totally
depended on your client want the mode bits are. I suspect that your
`umask` setting is different between your 2 clients.
Regards
…On 24/11/2023 20:43, D.LIN wrote:
Hi guys,
We are rolling out Debian bookworm to our cluster which is running
Debian bullseye and CFE 3.15.
When testing the new bookworm OS without changing any CFE files we
discovered that some directories which are distributed by CFE contain
incorrect permission.
|bundle agent copy_tigervncserver { files: tigervncserver:: nt
"/usr/local/tigervnc" copy_from => remote_cp
("/usr/local/warehouse/tigervncserver.v.$(def.v_tigervncserver)/tigervnc-$(def.v_tigervncserver).x86_64"), depth_search => recurse("inf"); !tigervncserver:: "/usr/local/tigervnc" delete => tidy; } |
And the log from cf-agent:
|~# bin/run-cf-agent info: Created parent directory for
'/usr/local/tigervnc' info: Created directory '/usr/local/tigervnc/usr'
info: Object '/usr/local/tigervnc/usr' had permissions 0700, changed it
to 0775 info: Created directory '/usr/local/tigervnc/usr/etc' info:
Object '/usr/local/tigervnc/usr/etc' had permissions 0700, changed it to
0775 info: Created directory '/usr/local/tigervnc/usr/etc/tigervnc'
info: Object '/usr/local/tigervnc/usr/etc/tigervnc' had permissions
0700, changed it to 0775 info: Copied file
'/usr/local/warehouse/tigervncserver.v.1.11.0/tigervnc-1.11.0.x86_64/usr/etc/tigervnc/vncserver.users' from '10.197.85.13' to '/usr/local/tigervnc/usr/etc/tigervnc/vncserver.users.cfnew' info: Moved '/usr/local/tigervnc/usr/etc/tigervnc/vncserver.users.cfnew' to '/usr/local/tigervnc/usr/etc/tigervnc/vncserver.users' info: Object '/usr/local/tigervnc/usr/etc/tigervnc/vncserver.users' had permissions 0600, changed it to 0644 info: Updated file '/usr/local/tigervnc/usr/etc/tigervnc/vncserver.users' from '10.197.85.13:/usr/local/warehouse/tigervncserver.v.1.11.0/tigervnc-1.11.0.x86_64/usr/etc/tigervnc/vncserver.users' .... |
The copied directory /usr/local/tigervnc has permission 700 but the
source directory is 775. From the log above it appears CFE created the
parent dir but not changing it permission, it did 700 -> 775 change to
the data under the parent directory.
This issue is not observed in our Debian bullseye CFE 3.15 setup, so
wondering if we missed something new…
Regards,
Derrick
—
Reply to this email directly, view it on GitHub
<#5385>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AADJKBYWLNSNKOERIHTFBDLYGD2GPAVCNFSM6AAAAAA7ZQJ67WVHI2DSMVQWIX3LMV43ERDJONRXK43TNFXW4OZVHA4DONZYGQ>.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
--
Bas van der Vlies
| High Performance Computing & Visualization | SURF| Science Park 140 |
1098 XG Amsterdam
| T +31 (0) 20 800 1300 | ***@***.*** | www.surf.nl |
|
Beta Was this translation helpful? Give feedback.
-
|
Hi, we do not use ‘mog’. We actually implemented our own ‘remote_cp’ and rely on preserve: Looking at the cf-agent output, it does chmod for all files and directories except the parent directory it created at the very top. Cheers |
Beta Was this translation helpful? Give feedback.
-
|
I use this `depth_search` body standard in cfengine lib:
```
body depth_search recurse_with_base(d)
# @brief Search files and directories recursively up to the specified
# depth, starting from the base directory excluding directories on
# other devices.
#
# @param d The maximum search depth
{
depth => "$(d)";
xdev => "true";
include_basedir => "true";
}
```
|
Beta Was this translation helpful? Give feedback.
-
|
Right, |
Beta Was this translation helpful? Give feedback.
-
|
@klin938 did you get this working as expected? |
Beta Was this translation helpful? Give feedback.
-
|
Hi guys, Just an update that adding We temporary patched the issue by using mog() for now. We only know that the exact the same promise policy works in version 3.15 on our older machines (pending for bookworm upgrade). It seems that Cheers |
Beta Was this translation helpful? Give feedback.
-
Hi guys,
We are rolling out Debian bookworm to our cluster which is running Debian bullseye and CFE 3.15.
When testing the new bookworm OS without changing any CFE files we discovered that some directories which are distributed by CFE contain incorrect permission.
And the log from cf-agent:
The copied directory /usr/local/tigervnc has permission 700 but the source directory is 775. From the log above it appears CFE created the parent dir but not changing it permission, it did 700 -> 775 change to the data under the parent directory.
This issue is not observed in our Debian bullseye CFE 3.15 setup, so wondering if we missed something new…
Regards,
Derrick
Beta Was this translation helpful? Give feedback.
All reactions