HCoop / hcoop / portal.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4a2a7e2) | patch
Run domtool as hcoop.daemon instead of hcoop
authorClinton Ebadi <clinton@unknownlamer.org>
Sat, 4 Oct 2014 23:00:23 +0000 (19:00 -0400)
committerClinton Ebadi <clinton@unknownlamer.org>
Sat, 4 Oct 2014 23:00:23 +0000 (19:00 -0400)
commit811dc1e5e566b76e8448fd1dcf156c8f2d56427a
tree116626299c237365c187ba59d5566d6e7f7d3756tree | snapshot (tar.gz zip)
parent4a2a7e23187c7a1a2e23c702437c2b583d0aa48acommit | diff
Run domtool as hcoop.daemon instead of hcoop

Previous releases inadvertently took advantage of a weakness in
domtool's afs acls to access the hcoop key when interacting with
domtool. Now that it has been fixed, a dummy domtool user
`hcoop.daemon' with no permissions exists so that it can authenticate
to domtool and perform the simple queries required by the portal.

We still have to set DOMTOOL_USER internally because suexec scrubs the
environment and using mod_env to set it does not work.
aptquery.sml diff | blob | blame | history
domtool.sml diff | blob | blame | history
sec.sml diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.