> On 28 Jul 2015, at 16:50, Joshua Root <j...@macports.org> wrote:
>
> On 2015-7-29 00:08 , Björn Raupach wrote:
>> hi joshua,
>>
>>> On 28 Jul 2015, at 15:59, Joshua Root <j...@macports.org> wrote:
>>>
>>> On 2015-7-28 22:28 , Björn Raupach wrote:
>>>> Dear group,
>>>>
>>>> I am new to Portfile development and have a problem with permissions for
>>>> users and groups. At the moment I am trying to create a Portfile for
>>>> Apache Tomcat 8. I would like to run Tomcat as non-root with a user
>>>> `tomcat` and group `tomcat`. I am a bit lost.
>>>>
>>>> set catalina_home ${destroot}${prefix}/share/java/${name}
>>>> set tomcat_user tomcat
>>>> set tomcat_group tomcat
>>>> add_users ${tomcat_user} group=${tomcat_group}
>>>>
>>>> I saw these lines in some other ports, for example couchdb, and figured
>>>> that is the way to go even though I don’t find the macro add_users
>>>> anywhere in the documentation.
>>>>
>>>> My destroot-phase currently looks like this:
>>>>
>>>> destroot {
>>>> xinstall -m 755 -g ${tomcat_group} -d ${catalina_home}
>>>>
>>>> file copy \
>>>> ${worksrcpath}/LICENSE \
>>>> ${worksrcpath}/NOTICE \
>>>> ${worksrcpath}/RELEASE-NOTES \
>>>> ${worksrcpath}/RUNNING.txt \
>>>> ${worksrcpath}/bin \
>>>> ${worksrcpath}/conf \
>>>> ${worksrcpath}/lib \
>>>> ${worksrcpath}/logs \
>>>> ${worksrcpath}/temp \
>>>> ${worksrcpath}/webapps \
>>>> ${worksrcpath}/work \
>>>> ${catalina_home}
>>>>
>>>> xinstall -m 644 ${filespath}/setenv.sh
>>>> ${catalina_home}/bin/setenv.sh.default
>>>>
>>>> # replace @PREFIX@ to ${prefix}
>>>> reinplace "s|@PREFIX@|${prefix}|g" ${catalina_home}/bin/setenv.sh.default
>>>> # replace @NAME@ to ${name}
>>>> reinplace "s|@NAME@|${name}|g" ${catalina_home}/bin/setenv.sh.default
>>>> }
>>>>
>>>> However `/opt/local/share/java/tomcat8` has the ownership `root:admin` and
>>>> not `root:tomcat`.
>>>
>>> First try running the destroot target (rather than install) and check
>>> the permissions on ${destroot}${prefix}/share/java/tomcat8. The destroot
>>> dir will be in the path given by `port work tomcat8` BTW.
>>
>> Nice. I did not know I could do that. Thanks!
>>
>> Well, I checked. In the destroot-phase the permissions are like I want them
>> to. The owner of the tomcat8 directory is `root` and the group is `tomcat`.
>> After destroot I only have a post-activate phase that does not touch
>> permissions.
>>
>> post-activate {
>> if {![file exists ${prefix}/share/java/${name}/bin/setenv.sh]} {
>> file copy ${prefix}/share/java/${name}/bin/setenv.sh.default \
>> ${prefix}/share/java/${name}/bin/setenv.sh
>> }
>> }
>
> (Please keep replies on the list.)
Sorry. I just hit reply. This works on my other mailing lists but not here.
>
> OK, so the ownership in the port image is probably OK. You can verify
> that by running 'tar -vtjf $archive' where $archive is the .tbz2 file in
> /opt/local/var/macports/software/tomcat8 when the port is installed.
>
> Does the /opt/local/share/java/tomcat8 directory already exist? If it
> does, it will not be modified when the port is activated. Ports don't
> have exclusive ownership of directories like they do files, since
> multiple ports can install files in the same directory.
Again. So sorry. Josh, you were right. That directory was already present.
After I deleted the folder and did a new port install I get the permissions
like I want them to. Thanks!
So the approach with add_users is correct?
>
> - Josh
_______________________________________________
macports-dev mailing list
macports-dev@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-dev
