New package: yacy-1.941#58140
Conversation
|
Pull Requests become stale 90 days after last activity and are closed 14 days after that. If this pull request is still relevant bump it or assign it. |
| # INSTALL | ||
| case "$ACTION" in | ||
| post) | ||
| chown -R _yacy:_yacy /var/lib/yacy |
There was a problem hiding this comment.
Is this really needed? The directory should be empty if you create it with make_dirs and the service runs as that user already so new files should already have the right owner.
There was a problem hiding this comment.
Had been awhile since I looked at this. If I don't have this install script, the files within are all owned by root instead.
There was a problem hiding this comment.
Why are they in /var/lib and why do they need to be owned by the less privileged user? Usually you do privilege separation to avoid writing things they shouldn't.
There was a problem hiding this comment.
Revisiting this. Removed the INSTALL file. /var/lib/yacy itself ends up owned by _yacy but the files within are all owned by root. Is this typical or acceptable? I'm not seeing the root ownership of other common void package services (like tor, transmission etc). The INSTALL file chowned everything by _yacy. So far though, in testing I can run yacy itself without issue.
Wondering if my vmkdir and vcopy are causing files within to be owned by root.
There was a problem hiding this comment.
My main issue is that its a bit weird that the code is mixed with whatever needs to be writable in /var.
There was a problem hiding this comment.
Usually static assets and code are in /usr, not /var. /var/lib being writable is fine if its not the program itself.
There was a problem hiding this comment.
Yes I find it odd that everything is in the same dir. I can experiment with putting the executables in /usr/bin too then (and /usr/share for other static assets).
3 participants
Testing the changes
New package
Local build testing
Some backstory. Originally the tagged source releases on github stopped after 2016, though yacy was still being developed, and had already compiled downloads on their main page yacy.net. I and others created github issues on the yacy_search_server project asking for tagged source releases, and finally they delivered. I had old defunct templates (that never got merged) that didn't technically compile the program the way this template does but installed yacy, but this approach is better.