infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <>
Subject [jira] [Commented] (INFRA-14471) Hermes: ensure new apmail files/dirs have group:r(+x) perms
Date Thu, 24 Aug 2017 09:51:00 GMT


Sebb commented on INFRA-14471:

Unfortunately, recent mailing lists don't have the correct permissions:
drwx------  10 apmail  apmail  39 Aug 24 07:47
drwx------  10 apmail  apmail  36 Aug 24 00:42

Within the directories, only subscribers files are readable by group; they are also world-readable.

> Hermes: ensure new apmail files/dirs have group:r(+x) perms
> -----------------------------------------------------------
>                 Key: INFRA-14471
>                 URL:
>             Project: Infrastructure
>          Issue Type: Task
>          Components: Mailing Lists
>            Reporter: Sebb
>            Assignee: Gavin
> It was agreed that the apmail group should have read access to files/dirs under apmail.
This means apmail users can avoid using sudo except when they need to update something. Also
group read access is necessary for an apmail read-only role (INFRA-14404).
> It appears that new mailing lists are being created without the required access. 
> Not sure how best to fix this. There are various options:
> - update the mail creation script so it creates files/dirs with the desired permissions
(umask ?)
> - update the script to chmod the new part of directory tree just before exit
> - add default ACLs to apmail directories
> - add a cronjob to fix the incorrect permissions
> - something else?

This message was sent by Atlassian JIRA

View raw message