Re: [Distutils] no access to resources unpacked as root
At 12:42 AM 1/24/2006 +0000, Matt Goodall wrote:
The Twisted process starts up as root to open low ports, etc and then, once up and running, sheds privileges and continues to run as a normal user. Many of the resources that are buried in the eggs are located with resource_filename at module import time; some when the application is still running as root.
The resources are unpacked from the egg into /root/.python-eggs/ and (correctly, I think) given 600 (rw-------) file access permissions. The problem is that the user the application ends up running as cannot access the unpacked resource files and fails with a PermissionDenied error.
Now, I can move some uses of resource_filename to happens later but I don't think I can replace all of them without changing APIs.
Has anyone else tackled this problem or can anyone offer any advice on how to avoid the problem in the first place?
The simplest approach is probably to mark the eggs as not zip-safe, or to configure easy_install to install them unzipped.
participants (1)
-
Phillip J. Eby