-
Type: Bug
-
Resolution: Fixed
-
Priority: Major
-
Affects Version/s: None
-
Component/s: None
-
Security Level: Public (Visbile by non-authn users.)
-
None
-
Environment:
When configuring storm backend with YAIM, it performs a recursive chown on the storage are for a given VO (/opt/glite/yaim/functions/local/config_storm_dir, lines 73-78):
if [ -d ${dir} ]; then yaimlog DEBUG "${FUNCTION}: Recursively set '${STORM_USER}:${STORM_USER}' ownership for ${dir}"; chown -RL ${STORM_USER}:${STORM_USER} ${dir}; yaimlog DEBUG "${FUNCTION}: Recursively unset world permissions for ${dir}, adding group read permission"; chmod -R o-rwx,g+r ${dir}
this is unacceptable for sites with already existing large storage areas (1PB in our case!) where permissions and owners of files are already properly configured.
This kind of behavior of YAIM should be optional, or not done if the storage area pre-exists.