The weird part here is that the python method had just created the directory in question and the UID on that file is "nobody". So even though the process is the owner of the file it still does not have permission to change the GID. Is there a way to specify what group Zope/Python is running under. What kinds of problems would be associated with changing the group to something other that root? Thanks for you help Daryl, Eric
Eric Shuman wrote:
Using an external python method I am trying to change the group ownership of a directory on a Red Hat 6 server.
The problem is most likely one of permission. If the Zope server is started as the root user, it will change its UID to nobody, and I'd wager that 'nobody' doesn't have permission to -
os.system('chgrp -R extranet /web/htdocs/clients/test')
The files and directories in this path would have to be owned by nobody for this to succeed (which would account for why it's working when you execute it from the command line). If you can't do that, then you may need to write a setuid program/script to perform this task as the person who owns the files/directories (something the other P language does with its setuid interpreter). Regards, Daryl Tester ~Eric
Eric Shuman wrote:
The weird part here is that the python method had just created the directory in question and the UID on that file is "nobody". So even though the process is the owner of the file it still does not have permission to change the GID.
In general, unpriveledged users cannot change group ownership to a group they are not in. Add nobody to the group you want to change it to, and it should work.
Is there a way to specify what group Zope/Python is running under.
If you start Zope with root, Zope runs as nobody. If you start zope as anybody else, Zope runs as that user. good luck, -- ethan mindlace fremen mindlace@imeme.net zope -&- imap email -&- mailing list weave your web with the web at http://imeme.net
mindlace wrote:
In general, unpriveledged users cannot change group ownership to a group they are not in. Add nobody to the group you want to change it to, and it should work.
Double eeek! Ethan's right (slaps morning-brain around the head). In addition, chgrp will report an error to stderr (although you won't see it from within Zope), and os.system() will have returned chgrp's return code status. Something like: def alterwithprejudice(self): "Another test function" import os res = os.system('chgrp -R extranet /path/to/whereever') if res: raise "chgrp", res # Naughty! Strings are deprecated. return None This gives you the added benefit of being able to trap the error from within DTML (with use of <dtml-try> and <dtml-except> tags). "Never, I mean, always check your references." Regards, Daryl Tester
[Eric Shuman, on Thu, 06 Apr 2000] :: The weird part here is that the python method had just created the :: directory in question and the UID on that file is "nobody". So even though :: the process is the owner of the file it still does not have permission to :: change the GID. Is there a way to specify what group Zope/Python is :: running under. What kinds of problems would be associated with changing :: the group to something other that root? Can I ask why you want to do this with an external method? You should be able to pave the way for anything you want right from the shell. Since you're running RH 6.x (and if you haven't already), I'd recommend you read Section 2.3 of the RH Reference Guide which came with your distribution. RedHat uses User-Private Groups, which is unusual among Unices, but very granular, once you understand the rationale and how to add users to other groups, in particular the selective application of chmod 2775 in the right spots. :: >Eric Shuman wrote: :: :: > Using an external python method I am trying to change the group ownership :: > of a directory on a Red Hat 6 server.
Eric Shuman wrote:
The weird part here is that the python method had just created the directory in question and the UID on that file is "nobody".
Eek! And you've caught me with my morning brain, so my answers may be sub-optimal, but here goes. :-) Forget the setuid stuff; this situation doesn't call for it.
What kinds of problems would be associated with changing the group to something other that root?
Depends on who wants access to that directory :-), and what the group permissions are, but that shouldn't cause you the problem you're seeing now.
os.system('chgrp -R extranet /web/htdocs/clients/test')
Firstly (assuming GNU chgrp, or your platform chgrp supports -v), try: os.system('chgrp -v -R extranet /web/htdocs/clients/test >> /tmp/helpme 2>&1') Invoke your method, then check /tmp/helpme for results. Secondly, you should be checking that os.system is returning successfully, and if not, raising an error (just in case it can't find chgrp). Regards, Daryl Tester
participants (4)
-
Daryl Tester -
Eric Shuman -
mindlace -
Patrick Phalen