[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Package install location for 0700 Directories

Hash: SHA1

Hello all,

My name is Chuck and I am new to the list. I have already posted this
to debian-mentors but was advised to post here as well.

I am currently working on building a package based on the ClusterLabs
Hawk web GUI. Thanks to the people in #debian-mentors I have most of
the package complete. It works perfectly in Squeeze and I will be
starting builds for Wheezy today or tomorrow.

However, I still have 1 problem. This package controls entire clusters
(corosync, pacemaker, et al) and thus is designed with directory rights
of 0700 for user hacluster (user used to run corosync). The problem is
that 0700 directories are against policy in /usr/share. However,
lighttpd is the delivery agent for the package and such apps (phpmyadmin
and other web gui's) are usually installed in /usr/share. If I set the
directories at 755 then there is the possibility that any service/script
could execute files in the directory and thus control the cluster.

I had considered moving it all to /var/lib but that doesn't seem to be
correct to me. Is there a better location for the install where I can
actually set 0700 permissions?

Thanks for your comments and ideas,
Charles Williams
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/


Reply to: