Stephan Kulow (coolo@suse.de) wrote:
Am 14.02.2012 11:17, schrieb Adrian Schröter:
There are no obs boot scripts running on developer workstations who use this just via osc.
Right! And so it's pointless to have it owned by obsrun if no obs runs. "nobody" will do.
Well, this raises the question of security. Something called /var/cache/obs is clearly system-wide, but we don't want to allow multiple users on a non-OBS-server share the same cache (01777 permissions), because one user could poison the cache and cause another user to build trojaned packages. 01755 would work for the download_files service, but not for tar_scm where any user needs to be able to trigger an update of an existing cache entry (e.g. git pull). One way to do make cache poisoning difficult would be to make the source service set[ug]id obsrun, but of course history has shown that making a shellscript set[ug]id is generally a Bad Idea, and it still wouldn't protect against network hijacking. So maybe the best option is to stick with per-user caching, which is of course safe. I don't think it would be too wasteful, because in most cases outside the OBS server, there is only one developer per machine, and even if there are more, they are most likely building different packages anyway. obsrun and /var/cache/obs would only be used on the build server, so they should be set up by an obs-server / obs-filesystem package or similar, not the source services. If you agree, I'll remove them from the .spec files. When I added this caching layer to the tar_scm source service, I copied Adrian's configuration pattern from the download_files service: # config options for this host ? if [ -f /etc/obs/services/$SERVICE ]; then . /etc/obs/services/$SERVICE fi # config options for this user ? if [ -f "$HOME"/.obs/$SERVICE ]; then . "$HOME"/.obs/$SERVICE fi So then the server-only package would set up /etc/obs/services too. It would be nice if something automatically enabled the per-user cache though. Maybe osc could do this? -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org