Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

tar extracts archive with broken permissions #170

Open
bcoe opened this issue Aug 15, 2017 · 1 comment
Open

tar extracts archive with broken permissions #170

bcoe opened this issue Aug 15, 2017 · 1 comment

Comments

@bcoe
Copy link
Contributor

bcoe commented Aug 15, 2017

We've noticed an occasional bug at npm during the analyzer's tar extraction step:

  • tar files are extracted into the /tmp/npms-analyzer folder which has world readable permissions.
  • occasionally a tar file extracts that changes the permissions, this results in a file being created that cannot be accessed by npms-analyzer.
  • the analyzer, in turn, starts crashing.

This might be related to the settings --same-owner , and --preserve-permissions but it seems like these settings should be defaulting appropriately for a non-super user (our analyzer is run as ubuntu):

# npms-analyzer-consume node 0

description "rank packages based on several metrics"

start on started network-services
stop on stopping network-services
respawn
setuid ubuntu
setgid ubuntu

We do not currently use bsdtar, so one thought I had was perhaps switching to the default tar program that npms-analyzer looks for might solve the problem?

any thoughts, have you bumped into anything similar?
@satazor
Copy link
Member

satazor commented Aug 15, 2017

Could you provide the error message produced so I could search in kibana? Also do you know the particular package that causes this?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bcoe @satazor