Skip to content
Snippets Groups Projects
Commit 725347fc authored by Alex Clemmer's avatar Alex Clemmer
Browse files

Adopt 0755 as default permissions for folders

Under certain circumstances, it is possible for operations to fail
because of permissions that are too restrictive. Here we adopt the
default permissions of 0755 (i.e., rwxr-xr-x), which should be a better
balance of restriction and flexibility.
parent 63fe7d8c
No related branches found
No related tags found
No related merge requests found
......@@ -83,7 +83,7 @@ func (m *manager) createEnvironment(name, uri string, extensionsLibData, k8sLibD
log.Infof("Creating environment '%s' with uri '%s'", name, uri)
envPath := appendToAbsPath(m.environmentsPath, name)
err = m.appFS.MkdirAll(string(envPath), defaultPermissions)
err = m.appFS.MkdirAll(string(envPath), defaultFolderPermissions)
if err != nil {
return err
}
......@@ -93,7 +93,7 @@ func (m *manager) createEnvironment(name, uri string, extensionsLibData, k8sLibD
// Generate the schema file.
log.Debugf("Generating '%s', length: %d", schemaFilename, len(specData))
schemaPath := appendToAbsPath(envPath, schemaFilename)
err = afero.WriteFile(m.appFS, string(schemaPath), specData, defaultPermissions)
err = afero.WriteFile(m.appFS, string(schemaPath), specData, defaultFilePermissions)
if err != nil {
log.Debugf("Failed to write '%s'", schemaFilename)
return err
......@@ -101,7 +101,7 @@ func (m *manager) createEnvironment(name, uri string, extensionsLibData, k8sLibD
log.Debugf("Generating '%s', length: %d", k8sLibFilename, len(k8sLibData))
k8sLibPath := appendToAbsPath(envPath, k8sLibFilename)
err = afero.WriteFile(m.appFS, string(k8sLibPath), k8sLibData, defaultPermissions)
err = afero.WriteFile(m.appFS, string(k8sLibPath), k8sLibData, defaultFilePermissions)
if err != nil {
log.Debugf("Failed to write '%s'", k8sLibFilename)
return err
......@@ -109,7 +109,7 @@ func (m *manager) createEnvironment(name, uri string, extensionsLibData, k8sLibD
log.Debugf("Generating '%s', length: %d", extensionsLibFilename, len(extensionsLibData))
extensionsLibPath := appendToAbsPath(envPath, extensionsLibFilename)
err = afero.WriteFile(m.appFS, string(extensionsLibPath), extensionsLibData, defaultPermissions)
err = afero.WriteFile(m.appFS, string(extensionsLibPath), extensionsLibData, defaultFilePermissions)
if err != nil {
log.Debugf("Failed to write '%s'", extensionsLibFilename)
return err
......@@ -123,7 +123,7 @@ func (m *manager) createEnvironment(name, uri string, extensionsLibData, k8sLibD
log.Debugf("Generating '%s', length: %d", specFilename, len(envSpecData))
envSpecPath := appendToAbsPath(envPath, specFilename)
return afero.WriteFile(m.appFS, string(envSpecPath), envSpecData, defaultPermissions)
return afero.WriteFile(m.appFS, string(envSpecPath), envSpecData, defaultFilePermissions)
}
func (m *manager) DeleteEnvironment(name string) error {
......@@ -278,7 +278,7 @@ func (m *manager) SetEnvironment(name string, desired Environment) error {
envPath := appendToAbsPath(m.environmentsPath, name)
specPath := appendToAbsPath(envPath, specFilename)
err = afero.WriteFile(m.appFS, string(specPath), newSpec, defaultPermissions)
err = afero.WriteFile(m.appFS, string(specPath), newSpec, defaultFilePermissions)
if err != nil {
log.Debugf("Failed to write %s at path '%s'", specFilename, specPath)
return err
......
......@@ -22,7 +22,8 @@ import (
)
var appFS afero.Fs
var defaultPermissions = os.FileMode(0644)
var defaultFolderPermissions = os.FileMode(0755)
var defaultFilePermissions = os.FileMode(0644)
// AbsPath is an advisory type that represents an absolute path. It is advisory
// in that it is not forced to be absolute, but rather, meant to indicate
......
......@@ -157,7 +157,7 @@ func (m *manager) createAppDirTree() error {
}
for _, p := range paths {
if err := m.appFS.MkdirAll(string(p), defaultPermissions); err != nil {
if err := m.appFS.MkdirAll(string(p), defaultFolderPermissions); err != nil {
return err
}
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment