[Bug 1302700] Re: Use of NamedTemporaryFile creates rings with restricted permissions

James Page james.page at ubuntu.com
Fri Apr 4 16:32:26 UTC 2014 

I'm using the 1.13.1 rc1 for Icehouse:

swift:
  Installed: 1.13.1~rc1-0ubuntu1
  Candidate: 1.13.1~rc1-0ubuntu1
  Version table:
 *** 1.13.1~rc1-0ubuntu1 0
        500 http://archive.ubuntu.com/ubuntu/ trusty-proposed/universe amd64 Packages
        100 /var/lib/dpkg/status
     1.13.0-0ubuntu1 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages


** Description changed:

  https://github.com/openstack/swift/commit/c6cebb6e621a245c9c2d5bff0df59689b0140373
  introduced the use of NamedTemporaryFile when writing rings; this
  creates files with 0600 permissions by default, so when the file is
- renamed to the actual ring filename, it have different permissions to
- those created by earlier versions.
+ renamed to the actual ring filename, it has different permissions to
+ those created by earlier versions of swift.
  
  We use the root account to create rings, but swift-proxy runs as the
  swift user and as a result can read the rings.

** Tags added: icehouse-rc-potential

** Description changed:

  https://github.com/openstack/swift/commit/c6cebb6e621a245c9c2d5bff0df59689b0140373
  introduced the use of NamedTemporaryFile when writing rings; this
  creates files with 0600 permissions by default, so when the file is
  renamed to the actual ring filename, it has different permissions to
  those created by earlier versions of swift.
  
  We use the root account to create rings, but swift-proxy runs as the
- swift user and as a result can read the rings.
+ swift user and as a result can't read the rings.

** Also affects: swift (Ubuntu Trusty)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to swift in Ubuntu.
https://bugs.launchpad.net/bugs/1302700

Title:
  Use of NamedTemporaryFile creates rings with restricted permissions

To manage notifications about this bug go to:
https://bugs.launchpad.net/swift/+bug/1302700/+subscriptions

More information about the Ubuntu-server-bugs mailing list