[RESOLVED] Permissions on remote/secondary repositories

Questions about WAPT Server / Requests and help related to the WAPT server
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

April 3, 2018 - 3:55 PM

Good morning,

Following the installation of a WAPT 1.5.1.22 server on a Debian 9 machine and a main repository, I set up 4 other secondary servers allowing me to replicate, however the permissions "jump" when the data is replicated on the secondary repositories, it only changes the www-data group to wapt.
This causes errors, particularly when a machine that has a secondary repository as a parameter and the server tries to install a package, it refuses access.

Example of the error:

Code: Select all

Exception: Erreur lors de l'installation de alti-keepass (=2.38-24): erreurs dans les paquets [[(u'https://XXXXXXXX/wapt/alti-keepass_2.38-24_all.wapt', '403 Client Error: Forbidden for url: https://XXXXXXXXXXX/wapt/alti-keepass_2.38-24_all.wapt'), None], [u'alti-keepass (=2.38-24)', PackageEntry('alti-keepass','2.38-24') ]]
But when I add the correct group (www-data) to my packages on my remote servers it works.

My question is: How can we transfer packages/wapt-host without losing the permissions that are initially assigned?

Thank you for your help.

Martin
Last edited by mart03 on 29 Jan 2020 - 09:13, edited 1 time.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

April 5, 2018 - 6:39 PM

To be a little more specific, are you using the synthesizing solution for replication?
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

April 6, 2018 - 9:56 AM

Oops, yes, absolutely, I use the Syncthing solution.
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

April 7, 2018 - 11:26

What does the command return?

Code: Select all

groups wapt
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

April 24, 2018 - 4:10 PM

Hello,

Sorry for the late reply.
Here's what the `groups wapt` command gives me:

Regards,
Martin
Attachments
Capture.JPG
Capture.JPG (15.24 KB) Viewed 7027 times
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

April 24, 2018 - 4:38 PM

I did some research, so I added the www-data group using the command:

Code: Select all

adduser wapt www-data
And then change the primary group:

Code: Select all

usermod --gid www-data wapt
Now we need to see if we can leave the other groups affected: cdrom, floppy, audio...
Or can they be detached from the user?
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

April 25, 2018 - 4:50 PM

Yes, normally in the current documentation, we install waptrepo (version 1.3).

This normally creates a wapt user with the www-data group

, and since we launch syncthing with the wapt user, normally the rights are correct.
High
mart03
Messages: 47
Registration: December 26, 2017 - 11:03

April 26, 2018 - 09:04

Okay, thank you very much!

I think my mistake stems from the fact that I created a wapt user during the machine installation, so waptrepo couldn't create it and assign it to the correct group (in my opinion).

Martin
High
Locked

Return to "WAPT Server"


  • To go further with WAPT