Edgewall Software
Modify

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#12144 closed enhancement (fixed)

TracInstall fails restrictive umask

Reported by: Robert.C.Jacobson@… Owned by: Ryan J Ollos
Priority: normal Milestone: 1.0.9
Component: wiki system Version: 1.0.8
Severity: normal Keywords:
Cc: Branch:
Release Notes:

Added suggested umask to TracInstall documentation.

API Changes:

Description

Part of the federal security baseline is to set umask 0077 system-wide. Unfortunately, that means when you follow the TracInstall wiki, all of the python eggs are setup with permissions that are too restrictive for Trac to function with Apache; e.g. Trac*.egg has permissions 600 and it needs to be 644.

TracInstall wiki page needs a section regarding restrictive umasks; the easiest solution is to suggest setting your umask to 0002 at the start of the install process.

Attachments (0)

Change History (4)

comment:1 by Ryan J Ollos, 4 years ago

We could add a brief statement at TracInstall#InstallingTrac, also mentioning that it is assumed the administrator has elevated permissions, typically running the installation steps as root.

comment:2 by Ryan J Ollos, 4 years ago

Owner: set to Ryan J Ollos
Release Notes: modified (diff)
Status: newassigned

Documented in TracInstall@420 and merged in 1.1/TracInstall@43.

comment:3 by Ryan J Ollos, 4 years ago

Resolution: fixed
Status: assignedclosed

comment:4 by robert.c.jacobson@…, 4 years ago

I just realized I made a typo in the suggested umask — it should be 0022, not 0002. I updated the TracInstall page to use umask 0022

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Ryan J Ollos.
The resolution will be deleted. Next status will be 'reopened'.
to as closed The owner will be changed from Ryan J Ollos to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.