> Is that your real program
Close, but copied from my (changing) notes, not from the actual code. See
below.
> but changing something to the same data amounts to it being *unchanged*,
> surely?
Nope. Not using Path::Tiny.
I found the info I need buried a further donw on its webpage. Apparently the
default IS to change the file to the running user's umask.
The webpage says
NOTE: because the file is written to a temporary file and then renamed,
the new file will wind up with permissions based on your current umask. This is
a feature to protect you from a race condition that would otherwise give
different permissions than you might expect. If you really want to keep the
original mode flags, use "append" with the truncate option.
I was using
$file->spew_utf8( $data );
So I changed that to
$file->append_utf8( { truncate => 1 }, $data );
and now it leaves the perms alone.
And it writes successfully *IF* the calling app's/user's perms are higher than
the target file's. Which is where I'm stuck a bit.
Unless there's something IN perl, I think maybe sudoers is what I need to fuss
with. Not sure yet.
> Can you please show your real program and data input, together with the
> output you want? We will also need to understand what parameters are being
> passed to your program, and where it gets the new values for user and group.
Here's the latest, current script
#!/usr/bin/perl
use 5.01201;
use strict;
use warnings;
use Path::Tiny qw(path);
my $var1 = shift;
my $outfile = '/home/aj/out.txt';
my @alldirs = qw(
/path/1
/path/2
);
my $var2 = "testing123";
my_usr = 'aj';
my_grp = 'users';
sub s_modify {
my %args = %{ shift @_ };
my $fn = $args{FN};
my $ar = $args{AR};
my $di = $args{DI};
my @dd = @{$args{DD};
foreach (@dd) {
my $dir = $_;
my $file = path($dir . "/" . $fn);
my $data = $file->slurp_utf8;
$data =~ s|(^$ar).*|${1} this was modified|;
$file->append_utf8( { truncate => 1 }, $data );
}
return;
}
s_modify (
{
FN => $outfile,
DD => \@alldirs,
AR => $var2,
DI => $var1
}
);
}
So the calling app is running as
USER = 'appuser'
GROUP = 'appgroup'
It calls my script, passing only one piece of scalar data to it:
$var1
My script then targets the output file
my $outfile = '/home/aj/out.txt';
where
ls -al /home/aj/out.txt
-rw------- 1 aj users 31K Jan 15 2017 /home/aj/out.txt
It searches/matches the line in it that
testing123 some other text
and changes it to
testing123 this was modified
If
'appuser' == 'root'
'appgroup' == 'root'
i.e. the calling app's running perms are greater than aj:users, the change is
made,
and, afterward, the file's perms are the same as they were before
ls -al /home/aj/out.txt
-rw------- 1 aj users 31K Jan 15 2017 /home/aj/out.txt
But if the calling app's running as a unique user
'appuser' == 'testapp'
'appgroup' == 'testapp'
where
id testapp
uid=12345(testapp) gid=12345(testapp) groups=12345(testapp)
grep testapp /etc/group
testapp:x:12345:
the changes don't get made; the target file is untouched.
So I guess the question is -
- is there a way in perl to authorize the callED perl script to have higher
perms than the callING app's, so that it can write to the file I'm targeting?
Or do I have to to this OUTSIDE of the perl script?
AJ
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
http://learn.perl.org/
