SUSE / openSUSEThis Forum is for the discussion of Suse Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
At my work we are using a SuseLinux box custom tailored to run various apps. We have this same image that gets loaded when we setup a new store then modify it to suit the new unique store.
Anyway, we update the software occasionally with an automatic update setup that opens the package, runs a permission fixing utility in a safe area, then copies the files to replace or add to the existing file structure.
The permission fixing utility we have right now needs to be reworked, and I was hoping to find a different way to go about this. our utility as it is is basically a shell script that manually sets permissions on a long list of files. What I am hoping to find is a utility that i can run on our basic gold image to create a template file. Then transfer that file to all the locations, and run a utility that will match permissions according to the template file. Is there already such a beast out there?
If you update using package management then RPM should set the permissions, no need for further mucking about. So are you? Or are you running some homebrewn update kludge?
homebrew. we send the update, which can load sent data into the DB, deliver new code to compile or deliver non code files (OS changes). So we will need something that we can run to fix permissions across the board based on custom setups so i cant just use a standard utility that can fix Suse OS file permissions, i need to make a template I can update easily.
I've got no idea at all. Maybe it could help those here who have if you elaborate: are you talking about something like updates on in-store POS or suchlike systems? Are those systems remotely manageable? What percentage of an update is similar across systems? What are unique changes based on? Location? Software (version)? Please add anything else that you think could help your fellow LQ members help you.
Okay, I am speaking somewhat generally due to security constraints but ill try to give more specific information.
We have a customized two server setup (Primary and secondary) running suselinux. We have a gold image that every store begins as, and anything that makes it unique is going to be in a database (Progress) that runs the POS application. The database gets data updates daily, but that has nothing to do with this issue. Occasionally we will send an update down that delivers changes to code in the App, delivers shell script changes or binaries in and outside of the database directory. we do this by opening the archive in the database directory and any changes that need to go outside the database directory are located in a subdirectory inside the database directory, which we then copy to the / mounts after running a program to make sure the permissions match as they should be.
The script we use now is very cumbersome and I'm looking for something to replace it. The script was originally designed to only set permissions inside the database directory before anything that goes outside it is copied, so basically its a list of everything that we have so far added to the systems in an update. However this potentially could grow to include any file across the OS and any update where we have a change that isnt in this script already, it needs to be added to.
What im looking for is something I can use to build a template list of every file on the gold image (With permissions) and either
1) use a grep whenever files are delivered by updates to verify permissions from the template and correct if needed.
or
2) find a tool that can build and use this list to quickly correct/set permissions based on this template.
or
2) lock permissions across the OS based on the template and this way, I will only have to make changes if we need to specifically change permissions or add new files to the OS.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.