• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Fog user rights

    Scheduled Pinned Locked Moved
    FOG Problems
    6
    10
    3.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Joseph HalesJ
      Joseph Hales Testers
      last edited by

      Silly question probably, should the fog user be in the sudoers file or have any rights besides general user. I have a new Ubuntu 14 setup with SVN and have noticed that rights to images and the snapins folders didn’t work right until I made fog the owner and chmod 777 both directory’s I am having a few other issues that might be related.

      RTFM

      1 Reply Last reply Reply Quote 0
      • george1421G
        george1421 Moderator
        last edited by george1421

        Just to add a bit of correlation to your post.

        I noticed this when I was working on a POC setup.

        On my master fog server the files and folders under /images are owned by root.root with a file mode of 777 (realize I may have done the mode 777 when trying to get the master node to work many months ago. I installed 1.2.0 on this and then upgraded to the latest trunk builds over the months.

        On my storage node the replicator created the image files (same as on the master node) being owned by fog.fog with a mode of 755. The storage node was just setup with 1.2.0 and then immediately updated to the latest trunk build.

        To answer your question about fog being a sudoer, from a security standpoint I would say no. This should remain a low level account.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

        1 Reply Last reply Reply Quote 1
        • Tom ElliottT
          Tom Elliott
          last edited by

          Sudoers is not required but if you want the fog user to be able elevate rights you can add them.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • Joseph HalesJ
            Joseph Hales Testers
            last edited by

            What folders should I check rights on besides snapins and images ? /opt/fog?

            RTFM

            1 Reply Last reply Reply Quote 0
            • george1421G
              george1421 Moderator
              last edited by

              I think we need to get a bit of clarity from the Developers on this one.

              On my main node the snapins folder is owned by fog.apache but on my storage node the snapins folder is owned by root.root.

              As I posted below on my storage node the /images folder is owned by fog.fog and on my main node /images is owned by root.root.

              There doesn’t seem to be any consistency between the user /group and a functioning system (so to speak). But since we are having this discussion something must be amiss here.

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

              1 Reply Last reply Reply Quote 1
              • Tom ElliottT
                Tom Elliott
                last edited by

                Root root is what most items are defaulted to, but fog:fog is technically the most correct. However, most of the file systems are setup with 777 which the owner group does not matter. The variance is because replication is using the fog user. The fog user cannot create files as the root user. So replication or anything handled by ftp will only be set to the person moving the files. In our default case, this is fog.

                The local fog in opt fog snapins is installed with permissions of fog.apache just so the gui doesn’t have to ftp to itself and the web user can still interact with the files. Hopefully that makes sense.

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 2
                • Wayne WorkmanW
                  Wayne Workman
                  last edited by

                  We should write a script that sets all the permissions back to the defaults…

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                  Daily Clean Installation Results:
                  https://fogtesting.fogproject.us/
                  FOG Reporting:
                  https://fog-external-reporting-results.fogproject.us/

                  Scott BS 1 Reply Last reply Reply Quote 1
                  • Joseph HalesJ
                    Joseph Hales Testers
                    last edited by

                    yes please

                    RTFM

                    1 Reply Last reply Reply Quote 0
                    • Scott BS
                      Scott B @Wayne Workman
                      last edited by

                      @Wayne-Workman said:

                      We should write a script that sets all the permissions back to the defaults…

                      That would be awesome.

                      1 Reply Last reply Reply Quote 0
                      • cmlC
                        cml Moderator
                        last edited by

                        I created this script from various install files:

                        https://github.com/AdmissionRegret/utils/blob/master/fog-resetpermissions.sh

                        wget https://raw.githubusercontent.com/AdmissionRegret/utils/master/fog-resetpermissions.sh
                        chmod +x fog-resetpermissions.sh
                        
                        1 Reply Last reply Reply Quote 1
                        • 1 / 1
                        • First post
                          Last post

                        227

                        Online

                        12.0k

                        Users

                        17.3k

                        Topics

                        155.2k

                        Posts
                        Copyright © 2012-2024 FOG Project