<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 28 Jul 2015, at 16:50, Joshua Root <<a href="mailto:jmr@macports.org" class="">jmr@macports.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">On 2015-7-29 00:08 , Björn Raupach wrote:</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><blockquote type="cite" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">hi joshua,<br class=""><br class=""><blockquote type="cite" class="">On 28 Jul 2015, at 15:59, Joshua Root <<a href="mailto:jmr@macports.org" class="">jmr@macports.org</a>> wrote:<br class=""><br class="">On 2015-7-28 22:28 , Björn Raupach wrote:<br class=""><blockquote type="cite" class="">Dear group,<br class=""><br class="">I am new to Portfile development and have a problem with permissions for users and groups. At the moment I am trying to create a Portfile for Apache Tomcat 8. I would like to run Tomcat as non-root with a user `tomcat` and group `tomcat`. I am a bit lost.<br class=""><br class="">set catalina_home ${destroot}${prefix}/share/java/${name}<br class="">set tomcat_user tomcat<br class="">set tomcat_group tomcat<br class="">add_users ${tomcat_user} group=${tomcat_group}<br class=""><br class="">I saw these lines in some other ports, for example couchdb, and figured that is the way to go even though I don’t find the macro add_users anywhere in the documentation.<span class="Apple-converted-space"> </span><br class=""><br class="">My destroot-phase currently looks like this:<br class=""><br class="">destroot {<br class=""> xinstall -m 755 -g ${tomcat_group} -d ${catalina_home}<br class=""><br class=""> file copy \<br class=""> ${worksrcpath}/LICENSE \<br class=""> ${worksrcpath}/NOTICE \<br class=""> ${worksrcpath}/RELEASE-NOTES \<br class=""> ${worksrcpath}/RUNNING.txt \<br class=""> ${worksrcpath}/bin \<br class=""> ${worksrcpath}/conf \<br class=""> ${worksrcpath}/lib \<br class=""> ${worksrcpath}/logs \<br class=""> ${worksrcpath}/temp \<br class=""> ${worksrcpath}/webapps \<br class=""> ${worksrcpath}/work \<br class=""> ${catalina_home}<br class=""><br class=""> xinstall -m 644 ${filespath}/setenv.sh ${catalina_home}/bin/setenv.sh.default<br class=""><br class=""> # replace @PREFIX@ to ${prefix}<br class=""> reinplace "s|@PREFIX@|${prefix}|g" ${catalina_home}/bin/setenv.sh.default<br class=""> # replace @NAME@ to ${name}<br class=""> reinplace "s|@NAME@|${name}|g" ${catalina_home}/bin/setenv.sh.default<br class="">}<br class=""><br class="">However `/opt/local/share/java/tomcat8` has the ownership `root:admin` and not `root:tomcat`.<br class=""></blockquote><br class="">First try running the destroot target (rather than install) and check<br class="">the permissions on ${destroot}${prefix}/share/java/tomcat8. The destroot<br class="">dir will be in the path given by `port work tomcat8` BTW.<br class=""></blockquote><br class="">Nice. I did not know I could do that. Thanks!<br class=""><br class="">Well, I checked. In the destroot-phase the permissions are like I want them to. The owner of the tomcat8 directory is `root` and the group is `tomcat`. After destroot I only have a post-activate phase that does not touch permissions.<br class=""><br class="">post-activate {<br class=""> if {![file exists ${prefix}/share/java/${name}/bin/setenv.sh]} {<br class=""> file copy ${prefix}/share/java/${name}/bin/setenv.sh.default \<br class=""> ${prefix}/share/java/${name}/bin/setenv.sh<br class=""> }<br class="">}<br class=""></blockquote><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">(Please keep replies on the list.)</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""></div></blockquote><div><br class=""></div><div>Sorry. I just hit reply. This works on my other mailing lists but not here. </div><br class=""><blockquote type="cite" class=""><div class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">OK, so the ownership in the port image is probably OK. You can verify</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">that by running 'tar -vtjf $archive' where $archive is the .tbz2 file in</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">/opt/local/var/macports/software/tomcat8 when the port is installed.</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">Does the /opt/local/share/java/tomcat8 directory already exist? If it</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">does, it will not be modified when the port is activated. Ports don't</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">have exclusive ownership of directories like they do files, since</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">multiple ports can install files in the same directory.</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""></div></blockquote><div><br class=""></div><div>Again. So sorry. Josh, you were right. That directory was already present. After I deleted the folder and did a new port install I get the permissions like I want them to. Thanks!</div><div><br class=""></div><div>So the approach with add_users is correct?</div><br class=""><blockquote type="cite" class=""><div class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">- Josh</span></div></blockquote></div><br class=""></body></html>