Comments (4)
daenney
commented on July 16, 2024
My documentation says 'own it', not be able to write to it. chown user:group and chmod +xchmod +w is not the same.
from puppetboard.
daenney
commented on July 16, 2024
I'm all for moving this out of /var/www though because I do see your point, a lot of people have that directory automatically exposed through their HTTPd's so that might cause trouble.
from puppetboard.
sciurus
commented on July 16, 2024
"My documentation says 'own it', not be able to write to it."
I'm a little confused by the distinction you're trying to draw here. With a standard 0022 umask, files will be created with the permissions -rw-r--r-- and directories with drwxr-xr-x. Unless you explicitly document removing write permissions, puppetboard users are going to leave things writable by the web server.
Since I'm not super familiar with mod_wsgi, I wanted to check if there really is a reason the user the application is running as needs to own that file. In my testing it seems the answer is no. If not, I can revise the documentation to change those steps. I can also add a little bit of info about setting puppetboard up on Fedora. If that sounds good let me know and I'll get a PR to you when I have a chance.
from puppetboard.
daenney
commented on July 16, 2024
Ah great. I was always told that the WSGI file needs to be owned by the user it'll run as but it makes sense that read privileges would be enough.
Feel free to send the PR!
from puppetboard.
Related Issues (20)
- memcached enabled and 'Error: no memcache module found'
- Localize timezones on dailyReportsChart
- Regular expressions in the node tab
- Add OpenShift Template to build Puppetboard
- The PUPPETBOARD_URL_PREFIX does not set flask's APPLICATION_ROOT
- system_uptime structured fact does not sort correctly
- Puppetboard 4.3.0 very slow with Chrome Dark Reader extension HOT 1
- Unable to setup puppetboard on ubuntu HOT 1
- Inventory tab feature legacy facts HOT 2
- puppetboard fails to start with scheduler enabled
- [BUG] applied changes during puppet run show empty on puppetboard if containing xml HOT 1
- puppetboard fails to start because module 'flask.json' has no attribute 'JSONEncoder'
- Setting GRAPH_FACTS causes a 500 error
- Intermittent errors after PuppetDB 8.0 to 8.1 upgrade HOT 13
- better support structured facts HOT 2
- Facts only showing RedHat HOT 1
- Pattern for python_version do not allow 3.11 HOT 3
- Make it More Apparent that SECRET_KEY cannot be blank HOT 3
- Allow puppetboard to start without a running puppetdb
- Offline mode tries to load external resources HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppetboard.