When verifying a new platform, provision tries to change the permissions of drushrc.php to a writable state before actually creating it. So it throws an error and then continues on to create it and set the permissions back to 400:

Generating drushrc.php file
Could not change permissions of drushrc.php to 384 (chmod to 600 failed on /var/aegir/drupal-6.13/drushrc.php)
Drushrc file (/var/aegir/drupal-6.13/drushrc.php) was written successfully
Changed permissions of drushrc.php to 0400

This is per _provision_generate_config() in provision.drush.inc:

function _provision_generate_config() {
  drush_log(dt("Generating drushrc.php file"));
  provision_path("chmod", drush_get_option('docroot_path') . '/drushrc.php', 0600,
     dt('Changed permissions of drushrc.php to @confirm'),
      dt('Could not change permissions of drushrc.php to @confirm'));

  provision_save_platform_data();
  provision_path("chmod", drush_get_option('docroot_path') . '/drushrc.php', 0400,
    dt('Changed permissions of drushrc.php to @confirm'),
    dt('Could not change permissions of drushrc.php to @confirm'));
  return TRUE;
}

On a re-verify of a platform, it is ok, because it finds the file to chmod first before writing to it.

I'll have a fix shortly that uses provision_exists($path) to wrap it in a conditional and only try and change the permissions of it to 600 if it already exists. Everything else stays the same: file is written as normal, and then changed back to 400.

function _provision_generate_config() {
  $exists = provision_path_exists(drush_get_option('docroot_path') . '/drushrc.php');
  if ($exists) {
    drush_log(dt("Found existing drushrc.php file"));
    provision_path("chmod", drush_get_option('docroot_path') . '/drushrc.php', 0600,
       dt('Changed permissions of drushrc.php to @confirm'),
        dt('Could not change permissions of drushrc.php to @confirm'));
  }
  else {
    drush_log(dt("Generating drushrc.php file"));
  }
  provision_save_platform_data();
  provision_path("chmod", drush_get_option('docroot_path') . '/drushrc.php', 0400,
    dt('Changed permissions of drushrc.php to @confirm'),
    dt('Could not change permissions of drushrc.php to @confirm'));
  return TRUE;
}  
CommentFileSizeAuthor
#1 565012.patch1.38 KBmig5
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Anonymous’s picture

Status: Active » Needs review
FileSize
1.38 KB

Attached is a patch.

Expected behaviour in task output:

On verifying a new platform

Generating drushrc.php file
Drushrc file (/var/aegir/platforms/drupal-6.13_cp/drushrc.php) was written successfully
Changed permissions of drushrc.php to 0400

On re-verifying an existing platform

Found existing drushrc.php file
Changed permissions of drushrc.php to 0600
Drushrc file (/var/aegir/platforms/drupal-6.13_cp/drushrc.php) was written successfully
Changed permissions of drushrc.php to 0400
ac’s picture

Status: Needs review » Reviewed & tested by the community

works as advertised

Anonymous’s picture

Status: Reviewed & tested by the community » Fixed

Fixed in head. Thanks

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

  • Commit 7b9aa87 on debian, dev-dns, dev-envobject, dev-koumbit, dev-log_directory, dev-migrate_aliases, dev-multiserver-install, dev-newhooks, dev-nginx, dev-platform_management, dev-ports, dev-purgebackup, dev-restore, dev-services, dev-simplerinstaller, dev-site_rename, dev-ssl, dev_716166_apache_conf, dev_dns, dev_server_verify, prod-koumbit, ssl, dev-ssl-ip-allocation-refactor, dev-1205458-move_sites_out_of_platforms, 7.x-3.x, dev-subdir-multiserver, 6.x-2.x-backports, dev-helmo-3.x authored by mig5:
    #565012 - check drushrc.php exists on platform before trying to make it...