[Box-Admins] Granting 'webteam' rights on files.squeak.org

[Tobias Pape]

Dear all

I have given the 'webteam' account rights on the files.squeak.org files
so that the webteam can update things there during the release process.
  In this course, I have moved the files for files.squeak.org out of the
box2 chroot environment to the proper box4 environment.

Here's the transcript of actions (from ~root/admin-log.txt)

Best regards
	-Tobias

 Make the webteam able to access the files... files
 1. Move files from the zombie-box to the real one.
    Find out whether we have to worry about user name aliasing.

root at squeak-box4:~# find /srv/box2/var/www/files/ -exec stat -c %g {} \+ | sort | uniq| while read uid ; do chroot /srv/box2 /usr/bin/getent group $uid; done
root:x:0:
etoys:x:1002:
website:x:1004:
exupery:x:1011:
debian:x:1014:
updates:x:1015:
hydravm:x:1020:
chriscunnington:x:1029:

root at squeak-box4:~# find /srv/box2/var/www/files/ -exec stat -c %g {} \+ | sort | uniq| while read uid ; do chroot /srv/box2 /usr/bin/getent group $uid; done  | cut -d: -f1 | while read ngid; do getent group $ngid; done
root:x:0:
website:x:1010:webteam
chriscunnington:x:1002:

    Ok, save for chris, none of the old users exists, were obviously not able to login for years and are obsolete. So its safe to not care and push everything to website. These are the 'root' files:

root at squeak-box4:~# find /srv/box2/var/www/files/ -user 0
/srv/box2/var/www/files/3.10/.tmp/Squeak3.10-7159-basic.image
/srv/box2/var/www/files/3.10/.tmp/Squeak3.10-7159-basic.changes
/srv/box2/var/www/files/4.2/4.3
/srv/box2/var/www/files/4.0/unix-linux/SqueakV40.sources.gz
/srv/box2/var/www/files/4.0/SqueakV40.sources.gz

    These are obviously root-owned in error. Hence, all files will now be owned by 'website'

root at squeak-box4:~# mv /srv/box2/var/www/files /var/www/files.squeak.org
root at squeak-box4:~# chown -R website:website /var/www/files.squeak.org
root at squeak-box4:~# find /var/www/files.squeak.org  -exec stat -c %U {} \+ | sort | uniq
website

    See whether some absolute links need to be fixed:

# find /var/www/files.squeak.org -type l -ls | grep ' -> /'
791939    0 lrwxrwxrwx   1 website  website        52 Apr 12  2008 /var/www/files.squeak.org/3.10alpha/win/SqueakVM-Win32-3.10.6-bin.zip -> /var/www/files/3.9/win/SqueakVM-Win32-3.10.6-bin.zip
791936    0 lrwxrwxrwx   1 website  website        39 Apr 12  2008 /var/www/files.squeak.org/3.10alpha/SqueakV39.sources.gz -> /var/www/files/3.9/SqueakV39.sources.gz
791895    0 lrwxrwxrwx   1 website  website        52 May  9  2008 /var/www/files.squeak.org/3.10/win/SqueakVM-Win32-3.10.6-bin.zip -> /var/www/files/3.9/win/SqueakVM-Win32-3.10.6-bin.zip
791892    0 lrwxrwxrwx   1 website  website        39 May  9  2008 /var/www/files.squeak.org/3.10/SqueakV39.sources.gz -> /var/www/files/3.9/SqueakV39.sources.gz

    Yes. I fixed them manually
    Now adapt nginx:

root at squeak-box4:~# vi /etc/nginx/sites-available/files.squeak.org.conf 
# /srv/box2/var/www/files -> /var/www/files.squeak.org

   And reload it

root at squeak-box4:~# invoke-rc.d nginx reload
[ ok ] Reloading nginx: nginx.

 2. Grant access to webteam
    Let the webteam be part of the website group

root at squeak-box4:~# adduser webteam website

    Make sure the website group (incl, webteam) can write.

root at squeak-box4:~# chmod -R g+w /var/www/files.squeak.org

    Make sure that _when_ webteam writes, the website _group_ is retained

root at squeak-box4:~# find /var/www/files.squeak.org -type d -exec chmod u+s,g+s {} \+

 That's all folks