Forum: Ruby Logger and file permissions

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
46cf9d3ad0463b5da02964e4ce479dfa?d=identicon&s=25 Jeff P. (jeffpritchard)
on 2006-06-13 09:38
Ruby and linux Nuby question about getting Logger library to work.

I've got a simple ruby script that is set up as the receptor of mail to
a particular address on my server (via postfix).  This script is trying
to use Logger to write a log file.  I'm trying to put the log file in a
subdirectory of the html directory (in other words, far removed from
where the ruby script lives).  I have tried to set up a group that
includes ruby, the script, and the logger library as users and have set
the group of the destination directory to that group, and set up
permissions on that dir to 775.  I continue to get the following error
in the mail admin bounce message

Command died with status 1:
    "/usr/local/bin/rantilizer.rb". Command output:
    /usr/local/lib/ruby/1.8/logger.rb:541:in `initialize': Permission
denied -
    /home/[my domain directory here]/www/html/rants/myLog.log
(Errno::EACCES)  from
    /usr/local/lib/ruby/1.8/logger.rb:541:in `open'  from
    /usr/local/lib/ruby/1.8/logger.rb:541:in `create_logfile'  from
    /usr/local/lib/ruby/1.8/logger.rb:536:in `open_logfile'  from
    /usr/local/lib/ruby/1.8/logger.rb:497:in `initialize'  from
    /usr/local/lib/ruby/1.8/logger.rb:256:in `new'  from
    /usr/local/lib/ruby/1.8/logger.rb:256:in `initialize'  from
    /usr/local/bin/rantilizer.rb:5:in `new'  from
    /usr/local/bin/rantilizer.rb:5

This is on a REHL4 linux box.  When I temporarily set the permissions of
the destination directory to 777, it all works just fine, but obviously
I don't want to leave the permissions that way.

What is the right way to allow focused write permission to a ruby script
and its libraries?  Am I on the right track but need to add some more
things to the group?

thanks,
jp
Logan Capaldo (Guest)
on 2006-06-14 00:25
(Received via mailing list)
On Jun 13, 2006, at 3:39 AM, Jeff Pritchard wrote:

> I have tried to set up a group that
> includes ruby, the script, and the logger library as users

Um, groups include users (logins). A group or user is not per-file/
executable (unless you have setuid or setgid set). Are we maybe
confused about the Unix security model? You need to run ruby as a
user with access to that directory.
46cf9d3ad0463b5da02964e4ce479dfa?d=identicon&s=25 Jeff P. (jeffpritchard)
on 2006-06-14 07:28
Thanks Logan,
Yes "we" were confused (or rather poorly self educated) on the unix
security model.  I found this to be a good explanation for a newbie such
as myself:
http://www.dsm.fordham.edu/~moniot/Classes/Interne...

jp


Logan Capaldo wrote:
> On Jun 13, 2006, at 3:39 AM, Jeff Pritchard wrote:
>
>> I have tried to set up a group that
>> includes ruby, the script, and the logger library as users
>
> Um, groups include users (logins). A group or user is not per-file/
> executable (unless you have setuid or setgid set). Are we maybe
> confused about the Unix security model? You need to run ruby as a
> user with access to that directory.
This topic is locked and can not be replied to.