Well, guess it's a bit more than that when it comes to ZSS permissions. Here's some excerpts from the RPM spec file I built for ZEO storage server. NeoPortal User (nportal) is the user under which I run ZEO and stuff. I added comments here and there, but if you're familiar with RPM specs, you won't have any difficulties figuring this out. ------------- excerpts from ZEO server RPM spec ------------- %pre # script run before installing stuff # neoportal_user is a macro referring to the username globally specified: nportal in this case. echo "Making group %{neoportal_user}" /usr/sbin/groupadd -r -f %{neoportal_user} # /opt/storage/neoportal is where I'm putting dirstorage if [ -z "`id -u %{neoportal_user} 2>/dev/null`" ]; then echo "Making user %{neoportal_user}" /usr/sbin/useradd -r -d /opt/storage/neoportal -s /bin/false -c "NeoPortal User" -g %{neoportal_user} %{neoportal_user} fi %post # script run **after** installing stuff # init.d script /sbin/chkconfig --add neoportal-server # clean up pyc's # /usr/lib/neoportal is INSTANCE_HOME or Zope's home # I'm revmoing byte codes here created by rpmbuild, this ensures that the first time you run ZEO server, python recompiles everything from scratch # not a necessary step find /usr/lib/neoportal -name '*.py[oc]' -exec rm -f '{}' ';' ln -s /usr/lib/neoportal/DirectoryStorage/DirectoryStorageToolkit /usr/lib/neoportal/Products echo "Run \"/etc/init.d/neoportal-server start\" to start NeoPortal Server."
&2
# password snipped out ;-) echo "The default Client NeoPortal administrator userid is 'neoportal' with password 'blahblahblah'." >&2 # if dirstorage is not there, create one if [ ! -d "/opt/storage/neoportal/dirstorage" ]; then echo "Creating the Directory Storage instance." >&2 %{python} $RPM_BUILD_ROOT%{_libdir}/neoportal/DirectoryStorage/mkds.py /opt/storage/neoportal/dirstorage Full chunky # here goes the important part; take a look at permissions I'm giving chown -R root.%{neoportal_user} /opt/storage/neoportal/dirstorage chmod -R 770 /opt/storage/neoportal/dirstorage fi # I run rsyncd over SSH to sync ZSS and ZEO clients echo "" echo "Make sure you run rsyncd daemon." %files # default permissions %defattr(774,root,%{neoportal_user}) %attr(755,root,root) /etc/init.d/neoportal-server # init script %attr(755,root,root) %config(noreplace) /etc/rsyncd.conf # rsyncd config file %attr(700,root,root) %config(noreplace) /etc/rsyncd.passwd # rsyncd passsword %attr(644,root,root) /etc/logrotate.d/neoportal # log rotation conf %attr(755,root,root) /var/log/neoportal # log file %attr(755,root,root) %{_bindir}/* # bin %attr(755,root,root) %{_sbindir}/* # sbin %{_libdir}/neoportal # zope's home %attr(1771,root,%{neoportal_user}) %dir /opt/storage/neoportal # storage home (parent dir to dirstorage) %attr(660,root,%{neoportal_user}) %config(noreplace) %verify(not md5 size mtime) /opt/storage/neoportal/* # dirstorage conf files Hope this helps. I wasted too much time on those permission problems. I really hope others wouldn't have to waste as much time due to lack of relevant docs. If you see something is not working, check persmissions first. All the best, Wankyu Choi --------------------------------------------------------------- Wankyu Choi CEO/President NeoQuest Communications, Inc. http://www.zoper.net http://www.neoboard.net --------------------------------------------------------------- -----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org] On Behalf Of Paul Winkler Sent: Wednesday, April 30, 2003 10:01 PM To: zope@zope.org Subject: Re: [Zope] DirectoryStorage & ZEO... how? On Wed, Apr 30, 2003 at 06:10:27PM +0900, Wankyu Choi wrote:
Here's how I do it.
1. custom_zodb.py on ZEO Client (snip)
already had something equivalent, thanks
2. start script on ZEO client
(snip) yup.
4. start script on ZEO Storage Server
(snip) exec python /usr/lib/zope/ZEO/start.py -u zope -D -p 8888 -S
1=$ZOPE_HOME/zeo_custom_zodb:Storage \
ok, that's what i thought the -S syntax was, though i wasn't sure about the "1="
4. zeo_custom_zodb.py on ZSS (snip)
aha! for some daft reason i thought that custom_zodb was a magic name. i was wondering how on earth to combine the client and server setup in one custom_zodb... the answer is, "don't" :)
You should sudo to the user ZEO expects ( not root ): create a user for the sole purpose of running ZEO. If you try to run ZEO as root or do not sudo to the ZEO user, you'd end up with ZEO clients waiting forever for answers from ZEO: that is, they'll just hang and you won't know what's happening since ZEO logs nothing about this weirdness even with "STUPID_LOG_SEVERITY=-300". I wasted more than a week to figure out what was going on.
eek! thanks to your message i spent only a few minutes fiddling with permissions. well, actually "find . -exec chown zope {} \;" took quite a long time in my directorystorage ;-)
Hope this helps.
you rock! i'm editing your message into a doc to send to Toby which i hope he'll consider including with the DirectoryStorage docs. -- Paul Winkler home: http://www.slinkp.com "Muppet Labs, where the future is made - today!" _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )