[[chef-dev]] Re: [[chef-dev]] CHEF-1621 - "recursive" attribute on "directory" resource does not apply users and groups to entire path


  • From: Chad Woolley < >
  • To: Thomas Bishop < >
  • Cc:
  • Subject: [[chef-dev]] Re: [[chef-dev]] CHEF-1621 - "recursive" attribute on "directory" resource does not apply users and groups to entire path
  • Date: Sat, 2 Oct 2010 19:02:08 -0700

On Sat, Oct 2, 2010 at 4:22 PM, Thomas Bishop wrote:
> Hi folks,
>
> I was discussing this ticket with Dan DeLeo on irc and we thought it
> would be a good idea to get feedback from a larger audience.
>
> Have a look at the example at http://tickets.opscode.com/browse/CHEF-1621.
>
> The user was expecting:
>
> 777 ldm:ldm /data
> 777 ldm:ldm /data/realtime
> 777 ldm:ldm /data/realtime/fetched
> 777 ldm:ldm /data/realtime/fetched/radar
>
>
> Here's what chef did:
>
> 755 root:root /data
> 755 root:root /data/realtime
> 755 root:root /data/realtime/fetched
> 777 ldm:ldm /data/realtime/fetched/radar
>
>
> The current chef behavior makes sense to me.  Here are a couple of reasons why:
>
> 1.  As the directory being defined is /data/realtime/fetched/radar, I
> would not expect chef to touch the ownership or permissions on
> anything above it.  I would however expect chef to create the required
> parent directories if they did not exist in order to satisfy the
> desired state.
>
> 2.  If chef modified the permissions/ownership for the entire
> structure, this could have adverse effects if there were additional
> directories defined under /data, or /data/realtime or
> /data/realtime/fetched.  If /data/foo existed for example.  In my
> opinion, this would be counterintuitive behavior.
>
>
> I agree with the ticket submitter that the docs aren't 100% clear on
> this and should probably be updated.
>
>
> I would love to hear additional thoughts on this.

That makes sense, if the tree already exists.  You don't want to muck
with existing permissions.

However, if the parent directory hierarchy were being created from
scratch (did not already exist), what should happen?  Should they be
owned by root, or by the owner of the file at the bottom of the
hierarchy?

I think the latter makes sense, otherwise you'd have to explicitly
create every level in the hierarchy and assign permissions.  That'd be
silly.

-- Chad
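
The two behaviours discussed in this thread, as an added plain-Ruby sketch that is not Chef's own code and not part of the original message. The helper names are hypothetical, only modes are covered (changing ownership needs root), and a umask of 022 is assumed.

```ruby
require "fileutils"
require "tmpdir"

# Octal mode of every level of rel_path below root, keyed by relative path.
def modes_along(root, rel_path)
  seen = []
  rel_path.split("/").map do |part|
    seen << part
    rel = seen.join("/")
    [rel, format("%o", File.stat(File.join(root, rel)).mode & 0o7777)]
  end.to_h
end

# Behaviour described in the thread: missing parents are created with
# process defaults, and the requested mode lands on the leaf only.
def ensure_leaf_only(root, rel_path, mode)
  leaf = File.join(root, rel_path)
  FileUtils.mkdir_p(leaf)
  File.chmod(mode, leaf)
  modes_along(root, rel_path)
end

# Variant raised in the reply: levels this call creates get the requested
# mode; directories that already existed are left untouched.
def ensure_new_levels(root, rel_path, mode)
  leaf = File.join(root, rel_path)
  current = root
  rel_path.split("/").each do |part|
    current = File.join(current, part)
    created = !File.directory?(current)
    Dir.mkdir(current) if created
    File.chmod(mode, current) if created || current == leaf
  end
  modes_along(root, rel_path)
end

# Constructed scenario using the path and mode from the ticket example.
def demo(path = "data/realtime/fetched/radar", mode = 0o777)
  old_umask = File.umask(0o022)
  fresh = Dir.mktmpdir { |root| ensure_leaf_only(root, path, mode) }
  partial = Dir.mktmpdir do |root|
    Dir.mkdir(File.join(root, "data")) # pre-existing parent, stays 0755
    ensure_new_levels(root, path, mode)
  end
  { fresh: fresh, partial: partial }
ensure
  File.umask(old_umask)
end

demo.each { |name, modes| puts name, modes.map { |p, m| "  #{m} #{p}" } } if __FILE__ == $PROGRAM_NAME
```

In the second scenario the pre-existing `data` directory keeps its mode while every newly created level becomes as permissive as the leaf, which is the trade-off the reply raises.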


