Comment 1 for bug 1040901

Revision history for this message
Olivier Dony (Odoo) (odo-openerp) wrote :

Hi Georges,

The auth_openid module does not have any hardcoded directory, it's using the platform's temporary location, as appropriate.
You should not encounter any access rights issues in the creation or usage of the OpenID filestore directory, unless:
 - you have configured special access rights on the temporary directory on your platform (the user running OpenERP should be able to create files and directories inside it)
 - you are trying to run multiple OpenERP processes using different system users. This is not a supported configuration. Even in multiprocess deployments (GUnicorn etc..), all OpenERP processes are executed as the same user.

Note: let's not confuse the system user OpenERP is running as, and the users configured within each OpenERP database.
Perhaps you have executed the OpenERP server under different users while testing it? In that case you can simply delete the existing "/tmp/openerp-auth_openid-store" and restart the server.

If you want to run multiple OpenERP servers using different system users you are in unsupported territory (because OpenERP is designed as a multi-tenant platform, so it makes little sense). Nevertheless you can try one of the following:
 - On Unix: make sure they belong to the same Unix group, so they can read/write on each other's files in the temporary location (which by default should using a permission mask that gives the group the same permissions as the user)
 - Alternatively, configure an OS-level jail isolation for the processes, where each process has its own "/tmp" location

I hope this clarifies the topic a little bit...