| View previous topic :: View next topic |
| Author |
Message |
^marcs
Apprentice
Joined: 09 Mar 2005
Posts: 169
|
 Posted: Sat Apr 21, 2012 10:06 am Post subject: keeping distfiles on remote cifs share (permissions hell) |
 |
|
Hello,
I want to keep distfiles on samba remote share, but i want to keep it a bit secure, so i dont want to make that share accessible and RW for all.
What i did so far.
Created user "storage" on samba server, made "distfiles" dir in his home directory and shared it only for him and root
| Code: | [distfiles]
comment=Distfiles directory
path = /home/storage/distfiles
read only = no
valid users = storage root |
Now when I want to upload some files from my local distfiles to remote share, i get an error saying that owner cannot be changed (local
distfiles are owned by "portage" user) and then all files that lands on server have their ownership changed to "storage". My guess its because "storage" user can't chown files to "portage" user, not sure tho.
So, i mounted it again as root user, then everything went fine, ownership is preserved and everyting is cool - almost...when i emerge something on client and distfile is being downloaded from gentoo mirror i get an error saying it cannot write to distfiles dir .... goooooooosh
| Code: | >>> Emerging (1 of 5) perl-core/Term-ANSIColor-3.20.0
* Fetching files in the background. To view fetch progress, run
* `tail -f /var/log/emerge-fetch.log` in another terminal.
bash: /var/portage/distfiles/.__portage_test_write__:Permission denied
>>> Downloading 'gentoo.prz.rzeszow.pl/distfiles/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied
>>> Downloading 'http://www.cpan.org/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Brak dostępu
>>> Downloading 'http://search.cpan.org/CPAN/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied
!!! Couldn't download 'Term-ANSIColor-3.02.tar.gz'. Aborting.
* Fetch failed for 'perl-core/Term-ANSIColor-3.20.0', Log file:
* '/var/tmp/portage/perl-core/Term-ANSIColor-3.20.0/temp/build.log' |
Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.
I hope someone get anything from what i said here.
It drives me crazy so any explanation or tips are welcomed. |
|
| Back to top |
|
 |
cwr
Veteran
Joined: 17 Dec 2005
Posts: 1969
|
| Posted: Sat Apr 21, 2012 10:57 am Post subject: |
|
|
Portage uses lockfiles in /usr/portage/distfiles/.locks, or used to - I haven't checked recently.
It therefore needs write access to the distfiles directory. I edited /usr/lib/portage/pym/portage.py
and added a PORT_LOCKDIR variable set in make.conf, which moved the lock to /var/lock/portage,
but all that stuff now seems to be in locks.py
You may have to do something like that, but check a current version of portage first.
Will |
|
| Back to top |
|
|
^marcs
Apprentice
Joined: 09 Mar 2005
Posts: 169
|
| Posted: Sat Apr 21, 2012 2:06 pm Post subject: |
|
|
Thanks for reply, but i don't like this solution, it should be doable another way, just by setting right perms.
Problem is there is thousand places where it can be set. |
|
| Back to top |
|
|
keenblade
Veteran
Joined: 03 Oct 2004
Posts: 1087
|
| Posted: Sun May 20, 2012 8:05 pm Post subject: |
|
|
^marcs, have you found a solution?
I have filed a bug report at b.g.o for very similar problem. Probably the same.
| Quote: |
Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.
|
You are right. Since udisks2 is getting rid of /media and instead now using /run/media/$USERNAME/$DEVICE, portage can't write to remote or external storage. Now I can't emerge any package.
I have an usb disk for distfiles. Since this disk mounted as my user, it seems portage can't write to it for some permission problem. The problem is portage already has the necessary permissions but fails to operate write actions, since the disk mounted for my regular user.
_________________
Anyway it's all the same at the end...
Need help to get it working: "x-fi surround 5.1" |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
|
| Back to top |
|
|
John R. Graham
Administrator
Joined: 08 Mar 2005
Posts: 10756
Location: Somewhere over Atlanta, Georgia
|
| Posted: Sun May 20, 2012 8:25 pm Post subject: |
|
|
I'm with Jaglover. Also, since CIFS doesn't support the same permissions model as the typical *nix filesystem, it's not going to work perfectly. I use a central NFS share for /usr/portage/distfiles and it works remarkably well. I sync a local copy of the rest of /usr/portage to most machines so that Portage will work when offline, but, I've shared it before as well.
- John
_________________
I can confirm that I have received between 0 and 499 National Security Letters. |
|
| Back to top |
|
|
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
| Posted: Sun May 20, 2012 8:45 pm Post subject: |
|
|
I'm currently having the whole portage along with distfiles in an NFS share and everything works great, I created user and group gentoo:gentoo in the remote box and mapped it to remote root access.
Regarding using different protocols sharing the same directory it works just fine. Once I had a directory shared over Samba, AFP, NFS and HTTP same time and all worked great.
_________________
My Gentoo installation notes.
Please learn how to denote units correctly! |
|
| Back to top |
|
|
^marcs
Apprentice
Joined: 09 Mar 2005
Posts: 169
|
| Posted: Mon May 21, 2012 4:41 am Post subject: |
|
|
| Quote: | | ^marcs, have you found a solution? |
Nope, I did too switched to NFS - and it's working just fine  |
|
| Back to top |
|
|
|
Networking & Security
