Proper dir perms in /var/adm/CSCOpx/files/rme/dcma/devfiles

Unanswered Question
Feb 25th, 2009
User Badges:
  • Gold, 750 points or more

It appears the device directories under /var/adm/CSCOpx/files/rme/dcma/devfiles have a watershed moment at the time an LMS 2.6 backup was restored into LMS 3.1. I'm wondering what the correct dir perms should be.


before Nov 29, 2008

drwxr-xr-x


after

drwxr-x---

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Wed, 02/25/2009 - 11:36
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Permissions just have to allow casuser read and write. However, for security reasons, you probably want to go with:


casuser:casusers 0640

yjdabear Wed, 02/25/2009 - 11:53
User Badges:
  • Gold, 750 points or more

Would the removable of the executable bit cause problem for the LMS web server navigating these dirs?


Can the overly lax perms be tightened in the restorebackup.pl script or elsewhere so it doesn't recur after another restore?

Joe Clarke Wed, 02/25/2009 - 12:13
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

The executable bit on a directory means "allow search." Without this, you would not be able to enumerate a directory's contents. It's generally required if you want to allow read access to a directory. do not remove this.


The permissions should be restored exactly how they were when the backup was taken. We use "tar cfph" even on LMS 2.6. And we use xvhpf on restore.

Actions

This Discussion