Package install location for 0700 Directories
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello all,
My name is Chuck and I am new to the list. I am currently working on
building a package based on the ClusterLabs Hawk web GUI. Thanks to the
people in #debian-mentors I have most of the package complete. It works
perfectly in Squeeze and I will be starting builds for Wheezy today or
tomorrow.
However, I still have 1 problem. This package controls entire clusters
(corosync, pacemaker, et al) and thus is designed with directory rights
of 0700 for user hacluster (user used to run corosync). The problem is
that 0700 directories are against policy in /usr/share. However,
lighttpd is the delivery agent for the package and such apps (phpmyadmin
and other web gui's) are usually installed in /usr/share. If I set the
directories at 755 then there is the possibility that any service/script
could execute files in the directory and thus control the cluster.
I had considered moving it all to /var/lib but that doesn't seem to be
correct to me. Is there a better location for the install where I can
actually set 0700 permissions?
Thanks for your comments and ideas,
Charles Williams
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlEYvg0ACgkQIUUjp07y+Zbj0ACfY/mbVMtpIxIyouT18kETpyIy
EisAoKHF0kxNOrTt2xrvGr7FICFAcvK6
=0xgA
-----END PGP SIGNATURE-----
Reply to: