[Koha] File permissions for 'koha-dump' backup files
Robin Sheat
robin at catalyst.net.nz
Mon Sep 15 12:15:16 NZST 2014
Steven Nickerson schreef op za 13-09-2014 om 22:34 [-0400]:
> I'm using the package version of 3.16.03 (but I've seen this same
> behavior in several previous versions as well) and am wondering if there is
> a way for me to make it so that the .gz files created under
> /var/spool/koha/<site> are world-readable? Currently they are always owned
> by 'root' and are not readable by either group or everyone else. I
> understand it is a potential security issue, but if I'm willing to accept
> that "risk" is there any way to configure either Koha or the operating
> system user (i.e. root's 'umask' perhaps) so that these files are created as
> readable?
I'm going to start by asking "What is it you are actually trying to
do?", as there may be another way to achieve whatever it is you're
trying to do.
Now for some detail...
So, it's not _quite_ how you describe. There are two types of files
here, one is the SQL and the other is the configs and so on. The SQL is
group readable, the configs .tar.gz isn't. Having the SQL as user
readable is to allow the feature for superlibrarians to be able download
database dumps (good in a hosted environment, for example.)
The simplest way to do what you're asking would be to put a chmod/chown
in the cron.daily/koha-common file that sets the file permissions to be
what it is that you want after the backup process has run. That would
probably be what I would do.
--
Robin Sheat
Catalyst IT Ltd.
✆ +64 4 803 2204
GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
More information about the Koha
mailing list