[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rawhide, /mnt/koji and /pub/fedora



So I realized something last night.  We created a user "masher" to have
the ability to write to /mnt/koji/mash/ but not any of the other koji
space.  This is useful to prevent too much damage from a horribly wrong
rawhide compose.  To make things easier in the rawhide compose configs,
we decided to run the cron/scripts as the masher user.  This is also
good because it means things run unprivileged.  However I ran into a
snag.  We have another user, 'ftpsync' that has write access
to /pub/fedora/.  Previously the rawhide script was ran as root, and
thus it was no problem to su ftpsync for the rsync calls.  The masher
user does not possess the capability of doing this.

Since the ftpsync user is only really used to sync data onto the Fedora
netapp, I propose that we collapse ftpsync and masher into one user
(masher).  It'll require minimal puppet changes, mostly just moving some
cron jobs from ftpsync over to masher.  It will require UID changes,
either changing masher to the ftpsync UID (which breaks our new range we
just setup), or chmodding some stuff on the Fedora netapp and changing
what UID has write access there.

For now, I'm syncing rawhide by hand.

Comments?
-- 
Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]