You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Plume is, by default, dropping privileges to the user nobody.
This only happens after the whole code was run once as root, privileges are only dropped afterwards when running transforms.
This can cause problems with permissions with for example logging, file creation, ...
You can easily reproduce this by creating a file or folder within the code (outside of a function):
os.mkdir('/tmp/testing_plume')
Start twistd:
twistd --pidfile=/var/run/plume.pid --rundir=/var/plume --uid=65534 --gid=1001 --no_save --nodaemon web --wsgi=canari.tas.plume.application --port=tcp:8080
Notice the folder is owned by root and not nobody:
root@ubuntu:/var/plume# ls -al /tmp/
drwxrwxrwt 10 root root 4096 Dec 25 20:59 .
drwxr-xr-x 24 root root 4096 Dec 25 14:25 ..
drwxr-xr-x 2 root root 4096 Dec 25 17:43 testing_plume
I however have no idea yet on how to prevent this from happening.
To work around this, either move all the code to functions, or change permissions os.chmod('/tmp/testing_plume', mode=0o777) which is not the best.
The text was updated successfully, but these errors were encountered:
Plume is, by default, dropping privileges to the user
nobody.This only happens after the whole code was run once as root, privileges are only dropped afterwards when running transforms.
This can cause problems with permissions with for example logging, file creation, ...
You can easily reproduce this by creating a file or folder within the code (outside of a function):
Start
twistd:Notice the folder is owned by
rootand notnobody:I however have no idea yet on how to prevent this from happening.
To work around this, either move all the code to functions, or change permissions
os.chmod('/tmp/testing_plume', mode=0o777)which is not the best.The text was updated successfully, but these errors were encountered: