-
-
Notifications
You must be signed in to change notification settings - Fork 320
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DeleteTask not working with ACLs #1088
Comments
@ogmueller I like your idea and we should support acl on other tasks (i.e. mkdir task) as well, but we also have to respect windows support. Any ideas? |
I would like to help, but I have no Windows server at my disposal nor deep knowledge about this topic. As far as I know Windows is using icacls, which are an equivalent to *nix ACLs. There is a github project dealing with windows permissions (https://github.com/stevebauman/WinPerm) |
@ogmueller: What is the output of |
Also, please note that you should look at "effective" permissions. Those are the permissions that are actually checked. In your example, the file
This says that user If you look into the manpage of
What this says is that when you use ACLs, the The problem comes when some code is unaware of existence of ACLs and changes group permissions which actually changes the mask and also the effective permissions of ACLs. |
|
Sorry for not responding earlier. So in this situation (I am referring to the output of
? Under what user do you run Phing? I have just created a
Then I created a file inside this directory - still as root:
When I run a target containing the above
And the file gets deleted:
I can even zero the mask before deleting the file and Phing still deletes it:
What is your output/error when you run the Phing task? And what files are left not deleted (what permissions do they have)? |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
We are using file access control lists (ACLs) on our Linux systems because otherwise, we are not able to delete web server created files (e.g. caches or session files) with a non-root CLI script.
Example: we use
setfacl
on our cache directory likesetfacl -R -m u:www-data:rwX -m u:some-user:rwX cache
If the web server (www-data) is creating files in that folder, it looks like this
or with
getfacl cache/some_file
like thisCurrently those files cannot be delete using DeleteTask like
even though some-user is able to delete those files on the console. The only unusual thing is just, that the console is confirming the removal, if
rm
is used without-f
optionAlternatively you could also use
rm -f cache/some_file
to aviod the confirmation and the file is removed immediately.Would it be possible to enable DeleteTask to delete ACLs (unprotected) files as well? Maybe with an attribute to "force" the delete? (force = true, default = false)
The text was updated successfully, but these errors were encountered: