Possibility to use chmod instead of acl?

[allaire]

Might be a better default for most of the people, since the ACL package is not under ubuntu by default.

At least maybe we should add more docs about it?

[peterjmit]

Hi @allaire, the reason I chose acl as the default is because I felt is was more secure. With ACL you only give permissions to those you explicitly define (usually the deploying user, and the web-server user).

Chmod is a little more of a sledgehammer approach, although I agree that it is a pain point that setfacl is not there by default.

I agree the documentation needs improving, perhaps I will work on that first (unless you are offering 😄)

[allaire]

For some reason, even with ACL installed, and rwx on www-data (running on ubuntu 12.04), Laravel can't write to storage directory on errrors. any ideas?

Note that it's not able to write in storage/ when I get an error using Laravel 4 smart errors

[peterjmit]

Do you know what version of https://github.com/capistrano/file-permissions you have?

The problem could lie with the sefacl call not being recursive (can you paste the output)

[allaire]

Here's my lock file

GEM
  remote: https://rubygems.org/
  specs:
    capistrano (3.1.0)
      i18n
      rake (>= 10.0.0)
      sshkit (~> 1.3)
    capistrano-composer (0.0.3)
      capistrano (>= 3.0.0.pre)
    capistrano-file-permissions (0.1.0)
      capistrano (>= 3.0.0)
    capistrano-laravel (0.0.2)
      capistrano (>= 3.0.0)
      capistrano-composer (>= 0.0.3)
      capistrano-file-permissions
    i18n (0.6.9)
    net-scp (1.1.2)
      net-ssh (>= 2.6.5)
    net-ssh (2.7.0)
    rake (10.1.1)
    sshkit (1.3.0)
      net-scp (>= 1.1.2)
      net-ssh
      term-ansicolor
    term-ansicolor (1.2.2)
      tins (~> 0.8)
    tins (0.13.1)

PLATFORMS
  ruby

DEPENDENCIES
  capistrano (~> 3.1.0)
  capistrano-laravel

Here's the output the setfacl

 INFO [22a4e32c] Running /usr/bin/env setfacl -m u:www-data:rwx,u:my_user:rwx /home/my_user/apps/new/releases/20140326172906/app/storage /home/my_user/apps/new/releases/20140326172906/app/storage/cache /home/my_user/apps/new/releases/20140326172906/app/storage/logs /home/my_user/apps/new/releases/20140326172906/app/storage/meta /home/my_user/apps/new/releases/20140326172906/app/storage/sessions /home/my_user/apps/new/releases/20140326172906/app/storage/views on staging.my_user.com
DEBUG [22a4e32c] Command: /usr/bin/env setfacl -m u:www-data:rwx,u:my_user:rwx /home/my_user/apps/new/releases/20140326172906/app/storage /home/my_user/apps/new/releases/20140326172906/app/storage/cache /home/my_user/apps/new/releases/20140326172906/app/storage/logs /home/my_user/apps/new/releases/20140326172906/app/storage/meta /home/my_user/apps/new/releases/20140326172906/app/storage/sessions /home/my_user/apps/new/releases/20140326172906/app/storage/views
 INFO [22a4e32c] Finished in 0.069 seconds with exit status 0 (successful).
 INFO [2d14f336] Running /usr/bin/env setfacl -Rdm u:www-data:rwx,u:my_user:rwx /home/my_user/apps/new/releases/20140326172906/app/storage /home/my_user/apps/new/releases/20140326172906/app/storage/cache /home/my_user/apps/new/releases/20140326172906/app/storage/logs /home/my_user/apps/new/releases/20140326172906/app/storage/meta /home/my_user/apps/new/releases/20140326172906/app/storage/sessions /home/my_user/apps/new/releases/20140326172906/app/storage/views on staging.my_user.com
DEBUG [2d14f336] Command: /usr/bin/env setfacl -Rdm u:www-data:rwx,u:my_user:rwx /home/my_user/apps/new/releases/20140326172906/app/storage /home/my_user/apps/new/releases/20140326172906/app/storage/cache /home/my_user/apps/new/releases/20140326172906/app/storage/logs /home/my_user/apps/new/releases/20140326172906/app/storage/meta /home/my_user/apps/new/releases/20140326172906/app/storage/sessions /home/my_user/apps/new/releases/20140326172906/app/storage/views

[allaire]

I had to use:

namespace :deploy do
  after :updated, 'deploy:set_permissions:chmod'
end

In order to make it works correctly.

[ikari7789]

Sorry for the late response. I'll be helping maintain this plugin for the foreseeable future. If any of these issues are still persisting (all of the tickets are quite old), please let me know and I will do what I can to try and help fix things.

[chrisvanpatten]

FWIW, I also had to deal with this, in an Ubuntu environment without setfacl (and without the ability to install it).

Ended up setting laravel_set_acl_paths to false, and that seems to have fixed the problem.

[ikari7789]

The latest version of the gem released should have a flag to set this. I don't think I implemented chmod, I'll look into it, but you should be able to toggle on/off the permission setting.

Sent from my iPhone

On Jun 18, 2016, at 05:11, Chris Van Patten notifications@github.com wrote:

FWIW, I also had to deal with this, in an Ubuntu environment without setfacl (and without the ability to install it).

Ended up setting laravel_set_acl_paths to false, and that seems to have fixed the problem.

―
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.

[osaris]

Problem is that acl is combined with POSIX permissions [1] so setting ACL only isn't enough in some case, resulting in :

user:www-data:rwx #effective:r-x

[1] http://www.vanemery.com/Linux/ACL/POSIX_ACL_on_Linux.html