Add attribute to skip settings permissions

Question

Add attribute to skip settings permissions

LEDfan opened this issue 9 years ago · comments

Hey. Again thanks for this awesome cookbook 👍

In some situations settings the permissions of a directory is impossible. (Even as root). This is e.g. the case when you have mounted /var/www as a NFS share. (with vagrant)

This isn't really a problem since Apache & nginx are running as the same user who mounted the NFS share. (user vagrant and group vagrant). So the web server has write permission in this situation.

But because Chef fails and an exception is thrown, the cookbook can't finish.

Would it be possible to create an attribute skip_permissions? This would be really great!

Thanks in advance!

Xabier de Zuazo · Answer 1 · Mon Mar 09 2015 20:56:33 GMT+0800 (China Standard Time)

Hi @LEDfan,

What permissions should be skipped? Only the main directory permissions, all the directory permissions or all the directory and file permissions inside /var/www?

Tobia De Koninck · Answer 2 · Fri Mar 13 2015 15:00:52 GMT+0800 (China Standard Time)

Hey.
Al permissions on /var/www when using NFS. This is because NFS doesn't allow to set permissions.
Otherwise this will happen:


================================================================================
==> default: Error executing action `create` on resource 'directory[/var/www/owncloud/apps]'
==> default: ================================================================================
==> default: 
==> default: Errno::EPERM
==> default: ------------
==> default: Operation not permitted @ chown_internal - /var/www/owncloud/apps
==> default: 
==> default: Resource Declaration:
==> default: ---------------------
==> default: # In /tmp/vagrant-chef/a9c9497aab9382bd1c3d19712deea904/cookbooks/owncloud/recipes/default.rb
==> default: 
==> default: 289:   directory dir do
==> default: 290:     owner node[web_server]['user']
==> default: 291:     group node[web_server]['group']
==> default: 292:     mode 00750
==> default: 293:     action :create
==> default: 294:   end
==> default: 295: end
==> default: 
==> default: Compiled Resource:
==> default: ------------------
==> default: # Declared in /tmp/vagrant-chef/a9c9497aab9382bd1c3d19712deea904/cookbooks/owncloud/recipes/default.rb:289:in `block in from_file'
==> default: 
==> default: directory("/var/www/owncloud/apps") do
==> default:   action [:create]
==> default:   retries 0
==> default:   retry_delay 2
==> default:   default_guard_interpreter :default
==> default:   path "/var/www/owncloud/apps"
==> default:   declared_type :directory
==> default:   cookbook_name :owncloud
==> default:   recipe_name "default"
==> default:   mode 488
==> default:   owner "apache"
==> default:   group "apache"
==> default: end

When you don not set the permissions and use NFS the web server will have write/read permissions because it's running as the vagrant user and group.

Tobia De Koninck · Answer 3 · Fri Mar 13 2015 15:15:23 GMT+0800 (China Standard Time)

It are these lines:

Thanks :)

Xabier de Zuazo · Answer 4 · Sat Mar 14 2015 22:17:13 GMT+0800 (China Standard Time)

Closing this. Implemented in #20.