capistrano / file-permissions Goto Github PK
View Code? Open in Web Editor NEWFile permissions handling for Capistrano v3.*
License: MIT License
File permissions handling for Capistrano v3.*
License: MIT License
Hello !
Could you please make a new release using the last pull request #9 merged ?
It could be great and much more easier in order to deploy Symfony applications.
Thanks & regards !
Hello, guys!
Quick question, does there a reason for executing set fact on each deployment.
I mean, if we executed only one time ex tje first deployment, that should be sufficient to make a folder writable ? Right!
Cheers.
Our provider enabled acl for us on their FreeBSD server. Unfortunately the option -R
does not seem to exist on FreeBSD:
ommand: ( SYMFONY_ENV=prod /usr/bin/env setfacl -Rm
u:vuser:rwx,u:foobar:rwx
/usr/local/www/apache24/noexec/foobar/shared/app/logs
/usr/local/www/apache24/noexec/foobar/releases/20160210175337/app/cache
)
DEBUG [fb0c7ccf] setfacl: illegal option -- R
DEBUG [fb0c7ccf] usage: setfacl [-bdhkn] [-a position entries] [-m
entries] [-M file] [-x entries] [-X file] [file ...]
(Backtrace restricted to imported tasks)
cap aborted!
SSHKit::Runner::ExecuteError: Exception while executing as
[email protected]: Exception while executing
as [email protected]: setfacl exit status: 1
setfacl stdout: Nothing written
setfacl stderr: setfacl: illegal option -- R
usage: setfacl [-bdhkn] [-a position entries] [-m entries] [-M file]
[-x entries] [-X file] [file ...]
Any ideas / workarounds?
capistrano/symfony#32 @alafon @peterjmit
Sometimes you want to set ACL but exclude some file. Is that possible?
Specially I want to set ACL on every files and folder inside a folder but not to the parent folder.
is it possible to run deploy:set_permissions:acl
at the really end of the deployment process? It actually seems that a composer install
process sets some file permissions which I need to override, thanks.
Hi,
I've a symfony application on my server. I want to set ACL on some directories to grant both ubuntu (deployer) and www-data (application) users.
The problem is that www-data create some files in those directories, making deploy:set_permissions:acl
not working as ubuntu is not the owner of that files...
I wanted to know if it's possible to use deploy:set_permissions:acl
with a sudo priviledge to ignore the file owner.
From a moment, with the latest version of your extension, I have this kind of error after each deploy on production:
PHP Warning: include(/var/www/project.my/htdocs/releases/20141220185729/app/cache/prod/annotations/674aa954cf7567b8977e6a3466c5e760e3959a45.cache.php): failed to open stream: Permission denied
And there, the results of some getfacl tests
:
$ getfacl /var/www/project.my/htdocs/releases/20141220185729/app/cache/prod/annotations/674aa954cf7567b8977e6a3466c5e760e3959a45.cache.php
getfacl: Removing leading '/' from absolute path names
# file: var/www/project.my/htdocs/releases/20141220185729/app/cache/prod/annotations/674aa954cf7567b8977e6a3466c5e760e3959a45.cache.php
# owner: ddn
# group: ddn
user::rw-
user:www-data:rwx #effective:---
user:ddn:rwx #effective:---
group::r-x #effective:---
mask::---
other::---
$ getfacl /var/www/project.my/htdocs/releases/20141220185729/app/cache/prod
getfacl: Removing leading '/' from absolute path names
# file: var/www/project.my/htdocs/releases/20141220185729/app/cache/prod
# owner: ddn
# group: ddn
user::rwx
user:www-data:rwx
user:ddn:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:www-data:rwx
default:user:ddn:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
And finaly, my deploy.rb
:
lock '~> 3.2'
set :application, 'project.my'
set :repo_url, '***.git'
set :deploy_to, '/var/www/project.my/htdocs'
set :scm, :git
set :format, :pretty
set :log_level, :info
set :sessions_path, fetch(:app_path) + '/sessions'
set :mailspool_path, fetch(:app_path) + '/mailspool'
set :linked_files, [fetch(:app_config_path) + '/parameters.yml']
set :linked_dirs, [fetch(:log_path), fetch(:sessions_path), fetch(:mailspool_path), 'node_modules', 'web/images', 'web/cache']
set :file_permissions_paths, [fetch(:log_path), fetch(:cache_path), fetch(:sessions_path), fetch(:mailspool_path), 'web/images', 'web/cache']
set :file_permissions_users, ["www-data"]
set :permission_method, :acl
set :use_set_permissions, true
set :keep_releases, 5
# Rake::Task['symfony:command'].reenable should be remove when PR will be merged: https://github.com/capistrano/symfony/pull/16
namespace :deploy do
before :starting, 'composer:install_executable'
after :updated, :after_updated do
invoke 'symfony:console', 'assets:install', fetch(:assets_install_path)
invoke 'symfony:console', 'assetic:dump', '--no-interaction'
invoke 'symfony:console', 'doctrine:migrations:migrate', '--no-interaction'
end
end
Do you have an idea of where this issue come from?
Thanks.
Hi,
I'm unfortunately facing this error with Ubuntu 14.04 but it works fine with Debian 8
Deploy.rb file:
set :file_permissions_paths, ["web", "web/logs", "resources/cache"]
set :file_permissions_chmod_mode, "0777"
set :file_permissions_users, ["www-data"]
before "deploy:updated", "deploy:set_permissions:acl"
Last stack:
INFO [e9cb5f4a] Running /usr/bin/env setfacl -dRn -m u:www-data:rwX -m u::rwX /var/www/html//releases/20160708145928/web /var/www/html//releases/20160708145928/web/logs /var/www/html/...
DEBUG [e9cb5f4a] Command: /usr/bin/env setfacl -dRn -m u:www-data:rwX -m u::rwX /var/www/html//releases/20160708145928/web /var/www/html//releases/20160708145928/web/logs /var/www/html/...
INFO [e9cb5f4a] Finished in 0.013 seconds with exit status 0 (successful).
DEBUG [648790b1] setfacl: Option -m: Invalid argument near character 3
Cap deploy failes. Update list and upgrade packages done.
Any idea please ?
Thanks very much
After successfully deploying to my staging environment, file permissions should be set.
However, an error comes up when this is being done:
** Execute deploy:set_permissions:check
cap aborted!
undefined method `include?' for nil:NilClass
/Library/Ruby/Gems/2.0.0/gems/capistrano-file-permissions-0.0.1/lib/capistrano/tasks/file-permissions.rake:9:in `block in absolute_writable_paths'
/Library/Ruby/Gems/2.0.0/gems/capistrano-file-permissions-0.0.1/lib/capistrano/tasks/file-permissions.rake:8:in `map'
/Library/Ruby/Gems/2.0.0/gems/capistrano-file-permissions-0.0.1/lib/capistrano/tasks/file-permissions.rake:8:in `absolute_writable_paths'
/Library/Ruby/Gems/2.0.0/gems/capistrano-file-permissions-0.0.1/lib/capistrano/tasks/file-permissions.rake:21:in `block (4 levels) in <top (required)>'
/Library/Ruby/Gems/2.0.0/gems/sshkit-1.3.0/lib/sshkit/backends/netssh.rb:54:in `instance_exec'
/Library/Ruby/Gems/2.0.0/gems/sshkit-1.3.0/lib/sshkit/backends/netssh.rb:54:in `run'
/Library/Ruby/Gems/2.0.0/gems/sshkit-1.3.0/lib/sshkit/runners/parallel.rb:12:in `block (2 levels) in execute'
Tasks: TOP => deploy:updated => deploy:set_permissions:acl => deploy:set_permissions:check
The deploy has failed with an error: #<NoMethodError: undefined method `include?' for nil:NilClass>
** Invoke deploy:failed (first_time)
** Execute deploy:failed
How to set different permission/ownership to a different folder?
I think the approach is not flexible.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.