permission-problems with cache : dir-mod wrong !

Since Saturday I suddenly face massive problems with my
on-disk-cache.

-------
file error - cache failed to write index.tt2.ttc: Error in
tempfile() 
using 
/tmp/tt2/data/apache/knowledge/sandbox/templates/literatur/w
ienermoderne/XXXXXXXXXX: 
Could not create temp file 
/tmp/tt2/data/apache/knowledge/sandbox/templates/literatur/w
ienermoderne/D0wMRP4DtC: 
Permission denied at 
/usr/local/lib/perl5/site_perl/5.8.0/i686-linux/Template/Doc
ument.pm 
line 280 path : literatur/wienermoderne/index.tt2
-------

compile_dir is '/tmp/tt2'

the funny thing is that, when I completely empty the
cache-dir, 
everything is working fine and suddenly on a random (to me)
subfolder 
the above error occures. When I look at the cache-dir into
the 
problematic folder I can see that there are different
permissions set:

# ls -l /tmp/tt2/data/apache/knowledge/sandbox/templates
total 11
drwx------    2 httpd139 httpd         224 May 30 10:52
historiografie/
-rw-------    1 httpd139 httpd        5755 Feb  7 09:34
index.tt2.ttc
drw-rw-rw-    2 httpd139 httpd          48 May 30 11:00
literatur/
drwx------    3 httpd139 httpd         416 May 30 10:59
medienpreise/
drwx------    2 httpd139 httpd         424 May 30 10:59
navigation/
drwx------    2 httpd139 httpd         312 May 30 10:47
startseite/

for some wicked reason the folder literatur has a complete
different mod 
set. It lacks the X-permission and so the toolkit cannon
create 
subfolders.  When I perform a chmod -R 700 * on the whole
cache 
everything is working fine for a while again.  (and I dont
want to chmod 
700 the compiled files themselves 

I dont have any clue what causes this problem. And I didnt
find any 
config-option that allows me to fix the creation-mode.

Any idea?
thnx,
peter

ps: using Template-Toolkit 2.08







-- 
mag. peter pilsl
goldfisch.at
IT- & dataconsulting
tel: +43 650 3574035
tel: +43 1 8900602
fax: +43 1 8900602 15
pilslgoldfisch.at

_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates

I had a related problem.  Cache files are created readable
only by the
user the process is running as.  This is a consequence of
the use of
File::Temp to create the cache files, but it means that
cache
directories cannot be shared between different users, even
if they are
in the same group and set umask appropriately.  I was bitten
by this
when running the perl debugger on a web application that
used Template
Toolkit: I had created a new template and TT2 cached the
compiled
template, but the web application then could not read the
cached file.
I get round this now by specifying the cache directory as
something like
"/tmp/tt2-cache-$<".  This means that each
user gets their own cache and
avoids any interactions between processes using TT2 running
as different
users.

Regards
Andrew

peter pilsl wrote:
>
> Since Saturday I suddenly face massive problems with my
on-disk-cache.
>
> -------
> file error - cache failed to write index.tt2.ttc: Error
in tempfile() 
> using 
>
/tmp/tt2/data/apache/knowledge/sandbox/templates/literatur/w
ienermoderne/XXXXXXXXXX: 
> Could not create temp file 
>
/tmp/tt2/data/apache/knowledge/sandbox/templates/literatur/w
ienermoderne/D0wMRP4DtC: 
> Permission denied at 
>
/usr/local/lib/perl5/site_perl/5.8.0/i686-linux/Template/Doc
ument.pm 
> line 280 path : literatur/wienermoderne/index.tt2
> -------
>
> compile_dir is '/tmp/tt2'
>
> the funny thing is that, when I completely empty the
cache-dir, 
> everything is working fine and suddenly on a random (to
me) subfolder 
> the above error occures. When I look at the cache-dir
into the 
> problematic folder I can see that there are different
permissions set:
>
> # ls -l
/tmp/tt2/data/apache/knowledge/sandbox/templates
> total 11
> drwx------    2 httpd139 httpd         224 May 30 10:52
historiografie/
> -rw-------    1 httpd139 httpd        5755 Feb  7 09:34
index.tt2.ttc
> drw-rw-rw-    2 httpd139 httpd          48 May 30 11:00
literatur/
> drwx------    3 httpd139 httpd         416 May 30 10:59
medienpreise/
> drwx------    2 httpd139 httpd         424 May 30 10:59
navigation/
> drwx------    2 httpd139 httpd         312 May 30 10:47
startseite/
>
> for some wicked reason the folder literatur has a
complete different 
> mod set. It lacks the X-permission and so the toolkit
cannon create 
> subfolders.  When I perform a chmod -R 700 * on the
whole cache 
> everything is working fine for a while again.  (and I
dont want to 
> chmod 700 the compiled files themselves 
>
> I dont have any clue what causes this problem. And I
didnt find any 
> config-option that allows me to fix the creation-mode.
>
> Any idea?
> thnx,
> peter
>
> ps: using Template-Toolkit 2.08
>
>
>
>
>
>
>

-- 
Andrew Ford,  Director    Pauntley Prints / Ford & Mason
Ltd
A.Fordford-mason.co.uk   South Wing Compton House
pauntley-prints.co.uk     Compton Green, Redmarley  Tel: +44
1531 829900
ford-mason.co.uk          Gloucester GL19 3JB       Fax: +44
1531 829901
refcards.com cronolog.org Great Britain          Mobile: +44
7785 258278




_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates

>>>>> "Andrew" == Andrew Ford
<A.Fordford-mason.co.uk> writes:

Andrew> I get round this now by specifying the cache
directory as something
Andrew> like "/tmp/tt2-cache-$<".  This
means that each user gets their own
Andrew> cache and avoids any interactions between
processes using TT2 running
Andrew> as different users.

Yeah, that's the trick I use in the CGI::Prototype
distribution as well.

But I think you want $>, not $<, because it should be
the effective UID, not
the original UID.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. -
+1 503 777 0095
<merlynstonehenge.com> <URL:http://www.ston
ehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy,
etc. etc.
See PerlTraining.Stonehenge.com for onsite and
open-enrollment Perl training!

_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates

Randal L. Schwartz wrote:
>>>>>> "Andrew" == Andrew Ford
<A.Fordford-mason.co.uk> writes:
>>>>>>             
>
> Andrew> I get round this now by specifying the cache
directory as something
> Andrew> like "/tmp/tt2-cache-$<". 
This means that each user gets their own
> Andrew> cache and avoids any interactions between
processes using TT2 running
> Andrew> as different users.
>
> Yeah, that's the trick I use in the CGI::Prototype
distribution as well.
>
> But I think you want $>, not $<, because it
should be the effective UID, not
> the original UID.
Thanks for pointing that out.  Don't think I've run TT2 in
any context where the two UIDs differ, but you are right.

I had wondered whether write_perl_file() in
Template/Document.pm should be modified to adjust the
permissions of newly created cache files after
File::Temp::tempfile returns so as to make them either
reflect the value of umask or to set them to the value of
some (new) configuration value -- or is it a
"feature" that cache files are always created
readable only by the creator?

Andrew

-- 
Andrew Ford,  Director    Pauntley Prints / Ford & Mason
Ltd            
A.Fordford-mason.co.uk   South Wing Compton House          
           
pauntley-prints.co.uk     Compton Green, Redmarley  Tel: +44
1531 829900
ford-mason.co.uk          Gloucester GL19 3JB       Fax: +44
1531 829901
refcards.com cronolog.org Great Britain          Mobile: +44
7785 258278



_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates

Andrew Ford wrote:
> I had a related problem.  Cache files are created
readable only by the
> user the process is running as.  This is a consequence
of the use of
> File::Temp to create the cache files, but it means that
cache
> directories cannot be shared between different users,
even if they are
> in the same group and set umask appropriately.  I was
bitten by this
> when running the perl debugger on a web application
that used Template
> Toolkit: I had created a new template and TT2 cached
the compiled
> template, but the web application then could not read
the cached file.
> I get round this now by specifying the cache directory
as something like
> "/tmp/tt2-cache-$<".  This means that
each user gets their own cache and
> avoids any interactions between processes using TT2
running as different
> users.
> 

thnx for your answer, but I dont see how its related to my
problem.
I've only a single user using TT2 (httpd139) and the
ownership is not a 
problem.  The problem in my case is that subdirectories
(beneath 
compile_dir) have sometimes a permission that do not allow
this user to 
create subdirectories (the user misses the x-right)

as you can see in this example:

drwx------    2 httpd139 httpd         224 May 30 10:52
historiografie/
-rw-------    1 httpd139 httpd        5755 Feb  7 09:34
index.tt2.ttc
drw-rw-rw-    2 httpd139 httpd          48 May 30 11:00
literatur/
drwx------    3 httpd139 httpd         416 May 30 10:59
medienpreise/
drwx------    2 httpd139 httpd         424 May 30 10:59
navigation/
drwx------    2 httpd139 httpd         312 May 30 10:47
startseite/


all entries are owned by the same user httpd139.  But the
folder 
"literatur" strangely has drw-rw-rw instead of
drwx------- like all the 
others.  So if I want to access
"literatur/textarchiv" the subdirectory 
"textarchiv" cannot be created.

Thats the strange thing here.

I have several perl-handlers that use TT2, but all run as
the same user 
: httpd139.  And I made sure that each handler uses a own
compile_dir to 
avoid locking-problems.

thnx,
peter


-- 
mag. peter pilsl
goldfisch.at
IT- & dataconsulting
tel: +43 650 3574035
tel: +43 1 8900602
fax: +43 1 8900602 15
pilslgoldfisch.at

_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates

Randal L. Schwartz wrote:
>>>>>> "Andrew" == Andrew Ford
<A.Fordford-mason.co.uk> writes:
> 
> Andrew> I get round this now by specifying the cache
directory as something
> Andrew> like "/tmp/tt2-cache-$<". 
This means that each user gets their own
> Andrew> cache and avoids any interactions between
processes using TT2 running
> Andrew> as different users.
> 
> Yeah, that's the trick I use in the CGI::Prototype
distribution as well.
> 
> But I think you want $>, not $<, because it
should be the effective UID, not
> the original UID.
> 
Is CGI::Prototype still going? I thought you had changed to
using Catalyst?

:Robert


_______________________________________________
templates mailing list
templatestemplate-toolkit.org
http://lists.template-toolkit.org/mailman/listinfo/t
emplates