10 messages in com.perforce.perforce-userpermissions on files| From | Sent On | Attachments |
|---|---|---|
| Ryan...@inktomi.com | 21 Sep 1998 17:09 | |
| Ryan...@inktomi.com | 21 Sep 1998 17:29 | |
| WesP...@softweyr.com | 21 Sep 1998 17:54 | |
| Ryan...@inktomi.com | 21 Sep 1998 19:07 | |
| Step...@vance.com | 21 Sep 1998 19:16 | |
| Step...@vance.com | 21 Sep 1998 21:39 | |
| Fred...@mydata.se | 22 Sep 1998 01:40 | |
| Ryan...@inktomi.com | 22 Sep 1998 11:22 | |
| Ryan...@inktomi.com | 22 Sep 1998 11:25 | |
| Dave...@vignette.com | 22 Sep 1998 11:41 |
| Subject: | permissions on files |
|---|---|
| From: | Step...@vance.com (Step...@vance.com) |
| Date: | 09/21/1998 09:39:37 PM |
| List: | com.perforce.perforce-user |
Ryan Hamilton wrote:
On Mon, 21 Sep 1998, Stephen Vance wrote:
Sorry, I guess that my explanation was not very clear. If a user syncs the file //depot/foo, I'd like the permissions to be 440. However, if that same user syncs //depot/bar I'd like it to have the standard permissions of 444. My hope is that I can have perforce do this for me without having to have the users do this themselves. Is that clearer? is it possible?
Thanks,
Ryan
Clear enough to make me wonder what you are trying to accomplish. What is the purpose of having the permissions end up like this? Should you be using the Perforce protections instead?
So what I would like to do is store the file /etc/sudoers in perforce so that any changes made to this file would be recorded. But the catch is that the sudo program requires that /etc/sudoers be chmodded 440 in order to work correctly. As far as I know perforce protections would not help in this issue right? I don't care who reads this file, but unfortunately for me, sudoers does.
Whee... Any ideas?
Ryan
Sounds like you should permit it only to root and make sure root's umask achieves the desired result. That is the only secure avenue I see. A umask of 007 and a p4 sync give you the permissions you need, but the per-user access you need requires protections.
I'm sure /etc/sudoers needs to be owned by root, as well, so it wouldn't do any good for it to have 440 if it was owned by a user, yes? Besides, allowing it to be fully writable by anyone in the depot would circumvent the same security sudo is trying to give you by its requirements on file ownership and permissions.
--- ======================================================================= Stephen Vance | mailto:steve at vance.com | http://www.vance.com =======================================================================
A computer programmer is a machine for turning coffee into programs. --- Paraphrase of the late mathematician Paul Erdo"s