Modify ↓
#12144 closed enhancement (fixed)
TracInstall fails restrictive umask
| Reported by: | Owned by: | Ryan J Ollos | |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.0.9 |
| Component: | wiki system | Version: | 1.0.8 |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: |
Added suggested |
||
| API Changes: | |||
| Internal Changes: | |||
Description
Part of the federal security baseline is to set umask 0077 system-wide. Unfortunately, that means when you follow the TracInstall wiki, all of the python eggs are setup with permissions that are too restrictive for Trac to function with Apache; e.g. Trac*.egg has permissions 600 and it needs to be 644.
TracInstall wiki page needs a section regarding restrictive umasks; the easiest solution is to suggest setting your umask to 0002 at the start of the install process.
Attachments (0)
Change History (4)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
| Owner: | set to |
|---|---|
| Release Notes: | modified (diff) |
| Status: | new → assigned |
Documented in TracInstall@420 and merged in 1.1/TracInstall@43.
comment:3 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
comment:4 by , 9 years ago
I just realized I made a typo in the suggested umask — it should be 0022, not 0002. I updated the TracInstall page to use umask 0022
Note:
See TracTickets
for help on using tickets.
We could add a brief statement at TracInstall#InstallingTrac, also mentioning that it is assumed the administrator has elevated permissions, typically running the installation steps as
root.