switching back from buildout with mr.developer to a normal buildout (without sources.cfg) I got the following error:
# sudo -u plone_buildout bin/buildout
Updating zeoserver.
Updating client1.
While:
Updating client1.
An internal error occurred due to a bug in either zc.buildout or in a
recipe being used:
Traceback (most recent call last):
File "/opt/Plone/buildout-cache/eggs/zc.buildout-1.7.1-py2.7.egg/zc/buildout/buildout.py", line 1866, in main
getattr(buildout, command)(args)
File "/opt/Plone/buildout-cache/eggs/zc.buildout-1.7.1-py2.7.egg/zc/buildout/buildout.py", line 598, in install
self._uninstall(old_installed_files)
File "/opt/Plone/buildout-cache/eggs/zc.buildout-1.7.1-py2.7.egg/zc/buildout/buildout.py", line 798, in _uninstall
rmtree(f)
File "/opt/Plone/buildout-cache/eggs/zc.buildout-1.7.1-py2.7.egg/zc/buildout/rmtree.py", line 60, in rmtree
shutil.rmtree (path, onerror = retry_writeable)
File "/opt/Plone/Python-2.7/lib/python2.7/shutil.py", line 252, in rmtree
onerror(os.remove, fullname, sys.exc_info())
File "/opt/Plone/buildout-cache/eggs/zc.buildout-1.7.1-py2.7.egg/zc/buildout/rmtree.py", line 57, in retry_writeable
os.chmod (path, 0600)
OSError: [Errno 1] Operation not permitted: '/opt/Plone/zeocluster/parts/client1/site.py'
*************** PICKED VERSIONS ****************
[versions]
*************** /PICKED VERSIONS ***************
What's wrong? I don't understand the error message.
Anyone can help?
There is no need to run Plone buildout as user 'root'. Install Plone as normal user
and run buildout as normal user and ensure that the buildout directory is owned
by the related user account. chown is your friend.
I don't understand this - can you help me follow the logic, please?
On 04/10/16 12:23, Andreas Jung wrote:
As said: /don't use root/
Surely the command: -
sudo -u plone_buildout bin/buildout
...is actually running as the plone_buildout user, and sudo is only being used to accomplish that, as document in the readme files for the latest versions of the 4.3.x and 5.0.x branches?
I personally do no care about what worked before...there is something
called "best practice".
What you are doing is "bad practice".
Specifically, looking at the readme files for both Plone 4.3.11 and 5.0.6, each one says: -
"Apply settings by running "sudo -u plone_buildout bin/buildout" in your instance directory."
Does this mean that the documentation in the current unified installers is invalid?
No idea what the documentation say, in particular never used the universal installer.
As said: you can install a Plone buildout fine without root permission as long as all system packages are installed.
The system user executing the buildout must not be root. It's convenient being root but then live with the consequences.
Using the universal installer - and also w/o - best practice is to run buildout vs. to run the instances as two different users. Never as root. Thus the instance user has only write access to buildouts ./var directory while buildout user has write access to the whole buildout directory. This way the hypothetical case of a breach of the isolation of Zope to not write in the file system except in var (zodb, blobs, logs) possible harm is reduced to data and no code can be modified.
I think @zopyx was a bit confused by your sudo and dis not read carefully enough!?