site  contact  subhomenews

Setting up permissions under /files take-3

June 16, 2023 — BarryK

"take-2" is here:

https://bkhome.org/news/202305/setting-up-permissions-under-files-take-2.html

Easy 5.4 was released, but then we discovered that 'cupsd' objected to /usr/libexec/cups/cgi-bin having permissions 775, instead of 755:

https://forum.puppylinux.com/viewtopic.php?p=91460#p91460

And Easy 5.4.1 was released to fix this.

The potential problem remains, that /etc/profile has "umask 002", which will cause newly-created folders and files to have 775 permissions.

Just in case any other program objects to 775, I have decided to restore "umask 022" in /etc/profile, instead have "umask 002" only in certain apps. Initially, only for ROX-Filer. See github commit:

https://github.com/bkauler/woofq/commit/981bea5d0bb1c98456fdbdb8d11057a776d4056f

The situation came about because a human-user created a folder under /file/media/images, but then Vivaldi was unable to write into that folder.

/files and everything under it has the owner:group root:filesgrp and 2755 permissions (prior to 5.4). So, the folder that the human-user created would have root:filesgrp and 2755, and since Vivaldi runs as user 'vivaldi' it cannot write inside that folder. Changing the folder to 2775 fixed it, as user 'vivaldi' belongs to group 'filesgrp'.

The human-user would be running as 'root' and will most likely have used ROX-Filer to create that folder. So, running rox with umask 002 fixes that specific problem.

I have also changed /root to 700 permissions, so that apps such as Vivaldi are unable to see into /root:

https://github.com/bkauler/woofq/commit/436858c3208afa8ba6c365dd9463d22b5d8c6b09   

Tags: easy