Ticket #2460 (new defect)
writing to data store broken due to permissions issue
|Reported by:||sascha_silbe||Owned by:||silbe|
|Priority:||Unspecified by Maintainer||Milestone:||Unspecified by Release Team|
|Component:||Rainbow||Version:||Git as of bugdate|
Writing data store entries fails inside the data store:
Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/dbus/service.py", line 702, in _message_cb retval = candidate_method(self, *args, **keywords) File "/usr/lib/python2.6/dist-packages/carquinyol/datastore.py", line 271, in get_filename return self._file_store.retrieve(uid, user_id, extension) File "/usr/lib/python2.6/dist-packages/carquinyol/filestore.py", line 134, in retrieve os.chmod(file_path, 0440) OSError: [Errno 1] Operation not permitted: '/home/sascha.silbe/.sugar/default/datastore/2b/2bd396fa-ddb2-43e6-b8ae-680f475488ce/data'
That's because the submitted files are owned by the isolation user and moved (not copied) into the data store:
sascha.silbe@xo15-sascha:~/sugar-jhbuild/source/sugar-datastore$ ls -l /home/sascha.silbe/.sugar/default/datastore/2b/2bd396fa-ddb2-43e6-b8ae-680f475488ce/data -rw-rw-rw- 1 10046 sascha.silbe 232 Oct 17 22:22 /home/sascha.silbe/.sugar/default/datastore/2b/2bd396fa-ddb2-43e6-b8ae-680f475488ce/data
Not sure what the best solution is:
* Copying would be wasteful (especially for large entries)
* For changing ownership after moving we'd need some helper running as root.
* Leaving the permissions as-is would lead to the same issues I encountered with Backup / Restore: other activities cannot read or overwrite existing entries from an activity that set restrictive permissions.
DBus 1.3.0 apparently has support for fd passing. Maybe the next generation of sugar-datastore and sugar-toolkit should use that to transfer the entries? Most activities wouldn't need to create an on-disk copy first.