Ubuntu
keystone package

Merge lp:~gandelman-a/ubuntu/precise/keystone/lp900553 into lp:~ubuntu-server-dev/keystone/essex

  1. Precise (12.04)
  2. lp900553
  3. Merge into essex
Proposed by Adam Gandelman
Status: Merged
Merged at revision: 48
Proposed branch: lp:~gandelman-a/ubuntu/precise/keystone/lp900553
Merge into: lp:~ubuntu-server-dev/keystone/essex
Diff against target: 29 lines (+9/-3)
2 files modified
debian/changelog (+7/-0)
debian/keystone.postinst (+2/-3)
To merge this branch: bzr merge lp:~gandelman-a/ubuntu/precise/keystone/lp900553
Reviewer Review Type Date Requested Status
Chuck Short (community) Approve
Review via email: mp+84663@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Resubmitting this to the correct packaging branch.

Revision history for this message
Chuck Short (zulcss) wrote :

lgtm

review: Approve
lp:~gandelman-a/ubuntu/precise/keystone/lp900553 updated
48. By Chuck Short

debian/keystone.postinst: Remove redundant chgrp. Also tighten permissions
on /var/lib/keystone and /etc/keystone (LP: #900553)

Revision history for this message
Scott Moser (smoser) wrote :

the only comment i have is really on the previous code that was here:
If the user had set up for one of these directories to be symlinked
elsewhere, the chown will not correctly affect the target.

example:
$ mkdir /tmp/tmpx
$ touch /tmp/tmpx/foo
$ ls -l /tmp/tmpx/foo
-rw-rw-r-- 1 smoser smoser 0 Dec 6 15:16 /tmp/tmpx/foo
$ ln -snf /tmp/tmpx /tmp/tmpx.link
$ ls -l /tmp/tmpx/foo /tmp/tmpx.link
-rw-rw-r-- 1 smoser smoser 0 Dec 6 15:16 /tmp/tmpx/foo
lrwxrwxrwx 1 smoser smoser 9 Dec 6 15:17 /tmp/tmpx.link -> /tmp/tmpx
$ sudo chown -R root:root /tmp/tmpx.link
$ ls -l /tmp/tmpx/foo /tmp/tmpx.link
-rw-rw-r-- 1 smoser smoser 0 Dec 6 15:16 /tmp/tmpx/foo
lrwxrwxrwx 1 root root 9 Dec 6 15:17 /tmp/tmpx.link -> /tmp/tmpx
$ sudo chown -R root:root /tmp/tmpx.link/
$ ls -l /tmp/tmpx/foo /tmp/tmpx.link
-rw-rw-r-- 1 root root 0 Dec 6 15:16 /tmp/tmpx/foo
lrwxrwxrwx 1 root root 9 Dec 6 15:17 /tmp/tmpx.link -> /tmp/tmpx

Basically, I think you should have the trailing / on the directories.

Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Ah, good catch. Thanks, Scott. Pushed an update containing the trailing /'s

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2011-12-02 14:40:38 +0000
3+++ debian/changelog 2011-12-06 20:04:23 +0000
4@@ -1,3 +1,10 @@
5+keystone (2012.1~e2~20111202.1379-0ubuntu2) UNRELEASED; urgency=low
6+
7+ * debian/keystone.postinst: Remove redundant chgrp. Also tighten permissions
8+ on /var/lib/keystone and /etc/keystone (LP: #900553)
9+
10+ -- Adam Gandelman <adamg@canonical.com> Tue, 06 Dec 2011 11:44:53 -0800
11+
12 keystone (2012.1~e2~20111202.1379-0ubuntu1) precise; urgency=low
13
14 * New upstream release.
15
16=== modified file 'debian/keystone.postinst'
17--- debian/keystone.postinst 2011-12-02 14:40:38 +0000
18+++ debian/keystone.postinst 2011-12-06 20:04:23 +0000
19@@ -12,9 +12,8 @@
20 then
21 addgroup --system keystone >/dev/null
22 fi
23- chown keystone:keystone -R /var/lib/keystone /var/log/keystone
24- chgrp keystone -R /var/lib/keystone /var/log/keystone
25- chmod 0700 /var/log/keystone
26+ chown keystone:keystone -R /var/lib/keystone /var/log/keystone /etc/keystone
27+ chmod 0700 /var/lib/keystone /var/log/keystone /etc/keystone
28
29 fi
30

Subscribers

People subscribed via source and target branches