Re: How to Deal with files created dynamically

To: debian-mentors@lists.debian.org
Subject: Re: How to Deal with files created dynamically
From: Matt Zagrabelny <mzagrabe@d.umn.edu>
Date: Wed, 28 Jul 2010 09:01:37 -0500
Message-id: <[🔎] AANLkTik-a2qrxyZspyEQTRV_nVRUyR05ugSpdv0G9cT9@mail.gmail.com>
In-reply-to: <[🔎] 20100728005138.GD4174@hezmatt.org>
References: <[🔎] 1280231590.19625.7.camel@chris-debian-desktop> <[🔎] AANLkTi=gRWqwBLNbAgAdY+WUUP928DaamhknEYjPhFLV@mail.gmail.com> <[🔎] 20100727195236.GB4174@hezmatt.org> <[🔎] 1280262363.26666.4.camel@chris-debian-desktop> <[🔎] AANLkTin7neD7DEM2KuBtoRfBdtib4MRbbZ0QeufmwSdk@mail.gmail.com> <[🔎] 20100728005138.GD4174@hezmatt.org>

On Tue, Jul 27, 2010 at 7:51 PM, Matthew Palmer <mpalmer@debian.org> wrote:
> On Tue, Jul 27, 2010 at 03:47:48PM -0500, Matt Zagrabelny wrote:
>> On Tue, Jul 27, 2010 at 3:26 PM, Chris Baines <cbaines8@gmail.com> wrote:
>> > On Wed, 2010-07-28 at 05:52 +1000, Matthew Palmer wrote:
>> >> On Tue, Jul 27, 2010 at 10:03:42AM -0500, Matt Zagrabelny wrote:
>> >> > On Tue, Jul 27, 2010 at 6:53 AM, Chris Baines <cbaines8@gmail.com> wrote:
>> >> > > Hello Mentors,
>> >> > >
>> >> > > I am looking at creating packages that involve programs that create
>> >> > > caches while running of images or other files. But I am a bit stumped at
>> >> > > what to do with the files they create, both where they are meant to go
>> >> > > and with what permissions.
>> >> >
>> >> > one of these two, I would wager:
>> >> >
>> >> > /var/cache/
>> >> > /var/lib
>> >>
>> >> Scratch /var/lib from that list.  If the data can be recreated from another
>> >> source, then it's cache data and should *not* live in /var/lib.
>> >>
>> >> > As for the permissions
>> >> >
>> >> > root:root 644
>> >>
>> >> If the files are created by root-owned processes, sure.  It kinda smells
>> >> like this is going to be done by a user-run process, which means you won't
>> >> be able to apply that ownership.  You will probably have to revert to
>> >> per-user data stored in the homedir, unless you want to start stuffing
>> >> around with suid wrappers or some such.
>> >>
>> > Yes, the programs are run with user level permissions. While per user
>> > data would be a solution I don't want to use it just to make this
>> > easier. Are there any packages that deal with these problems?
>>
>> You could create a group and then do something like:
>>
>> addgroup newpackage
>> mkdir /var/cache/newpackage
>> chown root:newpackage /var/cache/newpackage
>> chmod 775 /var/cache/newpackage
>
> This is only practical if the cache files are not trusted by the
> application; users can directly manipulate the files and their contents.  It
> must be possible to verify that the cache files are correct before using
> them.
>
> Also, if you're going to go that wild, you may as well just make the
> directory group 'users' or some equally common group.  Also, don't forget
> the g+s and umask 002 to avoid per-user permission nightmares.
>
> In other words: per-user caching ftw.

Matt,

I understand the 'chmod g+s dir', but in what capacity would you
implement the umask command?

-matt

Reply to:

References:
- How to Deal with files created dynamically
  - From: Chris Baines <cbaines8@gmail.com>
- Re: How to Deal with files created dynamically
  - From: Matt Zagrabelny <mzagrabe@d.umn.edu>
- Re: How to Deal with files created dynamically
  - From: Matthew Palmer <mpalmer@debian.org>
- Re: How to Deal with files created dynamically
  - From: Chris Baines <cbaines8@gmail.com>
- Re: How to Deal with files created dynamically
  - From: Matt Zagrabelny <mzagrabe@d.umn.edu>
- Re: How to Deal with files created dynamically
  - From: Matthew Palmer <mpalmer@debian.org>

Prev by Date: Re: RFS: libaosd (updated package)
Next by Date: Re: conflicts/replaces/provides vs. breaks/replaces/provides under policy 3.9.1
Previous by thread: Re: How to Deal with files created dynamically
Next by thread: Re: How to Deal with files created dynamically
Index(es):
- Date
- Thread