© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
With all due respect, that is totally beside the point.
1) There is a 'user zope' directive in the configuration file that the zeo server actually honours
2) The zeo server fails to correctly manage the permissions on the files it creates correctly, thus breaking itself when it starts its children up as the 'zope' user.
The whole point of an 'effective user' directive is that a main server process, that never actually receives any user data at all, can be started, and will then fork and manage children with lower privileges to actually do the messy business of interacting with the rest of the world. The point is that this standard Unix feature is broken for ZEO, even though it says it supports it.
I would suggest that there are two possibilities for a 'good fix' here:
1) either a trivial fix to make the logfile get set with the correct permissions of the child process, or
2) remove all the code that knows how to 'drop privileges' and get rid of the option for it in the config file.
Cheers,
D