Openbravo Issue Tracking System - Retail Modules |
View Issue Details |
|
ID | Project | Category | View Status | Date Submitted | Last Update |
0035115 | Retail Modules | Mobile Warehouse operations | public | 2017-01-31 18:49 | 2017-03-09 09:31 |
|
Reporter | AugustoMauch | |
Assigned To | AugustoMauch | |
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | |
Platform | | OS | 5 | OS Version | |
Product Version | | |
Target Version | | Fixed in Version | | |
Merge Request Status | |
Review Assigned To | mtaal |
OBNetwork customer | |
Support ticket | |
Regression level | |
Regression date | |
Regression introduced in release | |
Regression introduced by commit | |
Triggers an Emergency Pack | No |
|
Summary | 0035115: The SymmetricDS config files that are placed in the temporary folder should be deleteable by any user |
Description | If a user runs the install.symmetric.ds task in a server whose mobile server key is 'Central', the Central_symmetric-ds.properties file will be created.
If another user with fewer permissions when runs any other SymmetricDS task, the task will fail because it will not be able to delete the properties file created by the previous user (these files are recreated each time a process is executed).
To prevent this, the files should be created so that they can be deleted by any user. |
Steps To Reproduce | In a multiserver environment:
- execute this task in the org.openbravo.replication.symmetricds module: ant ant create.synchronization.properties.file. It will create a propertiles file in /tmp called /tmp/{mobileServerKey}_symmetric-ds.properties
- Create a user that belongs to another group. You can create one (user 'test' in group 'test' with this commands:
* sudo groupadd test
* useradd -g test test
- Try to remove the file with the new user:
* sudo su -
* su - test
* rm /tmp/{mobileServerKey}_symmetric-ds.properties. The command will fail with an Operation not permitted error. |
Proposed Solution | |
Additional Information | |
Tags | No tags attached. |
Relationships | |
Attached Files | |
|
Issue History |
Date Modified | Username | Field | Change |
2017-01-31 18:49 | AugustoMauch | New Issue | |
2017-01-31 18:49 | AugustoMauch | Assigned To | => Retail |
2017-01-31 18:49 | AugustoMauch | Triggers an Emergency Pack | => No |
2017-02-01 09:22 | AugustoMauch | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=14414#r14414 |
2017-02-01 09:22 | AugustoMauch | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=14415#r14415 |
2017-02-01 10:50 | hgbot | Checkin | |
2017-02-01 10:50 | hgbot | Note Added: 0093979 | |
2017-02-01 10:50 | hgbot | Checkin | |
2017-02-01 10:50 | hgbot | Note Added: 0093980 | |
2017-02-01 10:50 | hgbot | Status | new => resolved |
2017-02-01 10:50 | hgbot | Resolution | open => fixed |
2017-02-01 10:50 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^] |
2017-02-01 15:55 | marvintm | Assigned To | Retail => AugustoMauch |
2017-02-12 23:48 | mtaal | Review Assigned To | => mtaal |
2017-02-14 20:34 | mtaal | Note Added: 0094333 | |
2017-02-14 20:34 | mtaal | Status | resolved => new |
2017-02-14 20:34 | mtaal | Resolution | fixed => open |
2017-02-20 10:57 | hgbot | Checkin | |
2017-02-20 10:57 | hgbot | Note Added: 0094457 | |
2017-02-20 10:57 | hgbot | Status | new => resolved |
2017-02-20 10:57 | hgbot | Resolution | open => fixed |
2017-02-20 10:57 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/45991d82e7509ee2ce749ba9c3671b1836e7354f [^] |
2017-03-09 09:31 | mtaal | Note Added: 0094849 | |
2017-03-09 09:31 | mtaal | Status | resolved => closed |
Notes |
|
(0093979)
|
hgbot
|
2017-02-01 10:50
|
|
Repository: erp/pmods/org.openbravo.replication.symmetricds
Changeset: d8e3a1c71bd71d13a60ec1db0061ab7825b810d6
Author: Augusto Mauch <augusto.mauch <at> openbravo.com>
Date: Wed Feb 01 10:50:06 2017 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/d8e3a1c71bd71d13a60ec1db0061ab7825b810d6 [^]
Related with issue 35115: Cleanup - removes method that is not used
The SynchronizationPropertiesFileBuilder.createEnginePropertiesFileForStoreServer is not needed since the SymmetricDS creation process was refactored a few months ago.
---
M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java
---
|
|
|
(0093980)
|
hgbot
|
2017-02-01 10:50
|
|
Repository: erp/pmods/org.openbravo.replication.symmetricds
Changeset: 6831c6401ef3ecea18a22cc6e412980e194f92c2
Author: Augusto Mauch <augusto.mauch <at> openbravo.com>
Date: Wed Feb 01 10:50:14 2017 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^]
Fixes issue 35115: SymmetricDS config file can be deleted by any user
For a file to be deleteable for any user:
- The folder where it is contained must have full permissions
- The file itself must have at last rw-rw-rw- permissions
The permissions are being granted using the Files.setPosixFilePermissions API.
---
M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java
---
|
|
|
(0094333)
|
mtaal
|
2017-02-14 20:34
|
|
The file is created with read permissions for group and others. It is better from a safety perspective (file contains user/password of the db) to create it only with write permissions for other and group level but without read permissions for other/group.
Write permission will allow deleting the file by other users but not allow other users to read the file. |
|
|
(0094457)
|
hgbot
|
2017-02-20 10:57
|
|
Repository: erp/pmods/org.openbravo.replication.symmetricds
Changeset: 45991d82e7509ee2ce749ba9c3671b1836e7354f
Author: Augusto Mauch <augusto.mauch <at> openbravo.com>
Date: Mon Feb 20 10:56:51 2017 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/45991d82e7509ee2ce749ba9c3671b1836e7354f [^]
Fixes issue 35115: SymmetricDS file permissions are more restricted
Read permission has been revoked from the SymmetricDS generated properties file for all groups other than the one of the user who creates the file. The file still can be deleted by any user, because all users still have write access.
---
M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java
---
|
|
|
(0094849)
|
mtaal
|
2017-03-09 09:31
|
|
|