Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
keeping distfiles on remote cifs share (permissions hell)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
^marcs
Apprentice
Apprentice


Joined: 09 Mar 2005
Posts: 169

PostPosted: Sat Apr 21, 2012 10:06 am    Post subject: keeping distfiles on remote cifs share (permissions hell) Reply with quote

Hello,
I want to keep distfiles on samba remote share, but i want to keep it a bit secure, so i dont want to make that share accessible and RW for all.

What i did so far.
Created user "storage" on samba server, made "distfiles" dir in his home directory and shared it only for him and root
Code:
[distfiles]
comment=Distfiles directory
path = /home/storage/distfiles
read only = no
valid users = storage root


Now when I want to upload some files from my local distfiles to remote share, i get an error saying that owner cannot be changed (local
distfiles are owned by "portage" user) and then all files that lands on server have their ownership changed to "storage". My guess its because "storage" user can't chown files to "portage" user, not sure tho.
So, i mounted it again as root user, then everything went fine, ownership is preserved and everyting is cool - almost...when i emerge something on client and distfile is being downloaded from gentoo mirror i get an error saying it cannot write to distfiles dir .... goooooooosh

Code:
>>> Emerging (1 of 5) perl-core/Term-ANSIColor-3.20.0
 * Fetching files in the background. To view fetch progress, run
 * `tail -f /var/log/emerge-fetch.log` in another terminal.
bash: /var/portage/distfiles/.__portage_test_write__:Permission denied
>>> Downloading 'gentoo.prz.rzeszow.pl/distfiles/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied
>>> Downloading 'http://www.cpan.org/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Brak dostępu
>>> Downloading 'http://search.cpan.org/CPAN/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'
/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied
!!! Couldn't download 'Term-ANSIColor-3.02.tar.gz'. Aborting.
 * Fetch failed for 'perl-core/Term-ANSIColor-3.20.0', Log file:
 *  '/var/tmp/portage/perl-core/Term-ANSIColor-3.20.0/temp/build.log'


Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.

I hope someone get anything from what i said here.
It drives me crazy so any explanation or tips are welcomed.
Back to top
View user's profile Send private message
cwr
Veteran
Veteran


Joined: 17 Dec 2005
Posts: 1969

PostPosted: Sat Apr 21, 2012 10:57 am    Post subject: Reply with quote

Portage uses lockfiles in /usr/portage/distfiles/.locks, or used to - I haven't checked recently.
It therefore needs write access to the distfiles directory. I edited /usr/lib/portage/pym/portage.py
and added a PORT_LOCKDIR variable set in make.conf, which moved the lock to /var/lock/portage,
but all that stuff now seems to be in locks.py

You may have to do something like that, but check a current version of portage first.

Will
Back to top
View user's profile Send private message
^marcs
Apprentice
Apprentice


Joined: 09 Mar 2005
Posts: 169

PostPosted: Sat Apr 21, 2012 2:06 pm    Post subject: Reply with quote

Thanks for reply, but i don't like this solution, it should be doable another way, just by setting right perms.
Problem is there is thousand places where it can be set.
Back to top
View user's profile Send private message
keenblade
Veteran
Veteran


Joined: 03 Oct 2004
Posts: 1087

PostPosted: Sun May 20, 2012 8:05 pm    Post subject: Reply with quote

^marcs, have you found a solution?
I have filed a bug report at b.g.o for very similar problem. Probably the same.
Quote:

Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.

You are right. Since udisks2 is getting rid of /media and instead now using /run/media/$USERNAME/$DEVICE, portage can't write to remote or external storage. Now I can't emerge any package.
I have an usb disk for distfiles. Since this disk mounted as my user, it seems portage can't write to it for some permission problem. The problem is portage already has the necessary permissions but fails to operate write actions, since the disk mounted for my regular user.
_________________
Anyway it's all the same at the end...
Need help to get it working: "x-fi surround 5.1"
Back to top
View user's profile Send private message
Jaglover
Watchman
Watchman


Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana

PostPosted: Sun May 20, 2012 8:15 pm    Post subject: Reply with quote

If you like challenge CIFS may be the way, but I'd just fire up NFS server for portage on your Samba box.
_________________
My Gentoo installation notes.
Please learn how to denote units correctly!
Back to top
View user's profile Send private message
John R. Graham
Administrator
Administrator


Joined: 08 Mar 2005
Posts: 10587
Location: Somewhere over Atlanta, Georgia

PostPosted: Sun May 20, 2012 8:25 pm    Post subject: Reply with quote

I'm with Jaglover. Also, since CIFS doesn't support the same permissions model as the typical *nix filesystem, it's not going to work perfectly. I use a central NFS share for /usr/portage/distfiles and it works remarkably well. I sync a local copy of the rest of /usr/portage to most machines so that Portage will work when offline, but, I've shared it before as well.

- John
_________________
I can confirm that I have received between 0 and 499 National Security Letters.
Back to top
View user's profile Send private message
Jaglover
Watchman
Watchman


Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana

PostPosted: Sun May 20, 2012 8:45 pm    Post subject: Reply with quote

I'm currently having the whole portage along with distfiles in an NFS share and everything works great, I created user and group gentoo:gentoo in the remote box and mapped it to remote root access.
Regarding using different protocols sharing the same directory it works just fine. Once I had a directory shared over Samba, AFP, NFS and HTTP same time and all worked great.
_________________
My Gentoo installation notes.
Please learn how to denote units correctly!
Back to top
View user's profile Send private message
^marcs
Apprentice
Apprentice


Joined: 09 Mar 2005
Posts: 169

PostPosted: Mon May 21, 2012 4:41 am    Post subject: Reply with quote

Quote:
^marcs, have you found a solution?

Nope, I did too switched to NFS - and it's working just fine :o
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum