Bug #1030

Change permissions so user can delete SIP backups, failed SIPs, and stored AIPs

Added by Courtney Mumma over 10 years ago. Updated almost 9 years ago.

Status: Verified
Start date:
Priority: High
Due date:
Assignee: Joseph Perry
% Done: 0%
Category: -
Target version: Release 0.7
Google Code Legacy ID: archivematica-375
Pull Request:
Sponsored:
Requires documentation:

Description

Especially during testing, it would be useful to avoid having to delete folder content from root, which is bad practice anyway.

[g] Legacy categories: Security

History

#1 Updated by Evelyn McLellan over 10 years ago

  • Priority changed from Critical to High

Assigning to Joseph.

[g] Labels added: Priority-High, Component-Security
[g] Labels removed: Priority-Critical
[g] New owner: Joseph Perry

#2 Updated by Joseph Perry over 10 years ago

  • Status changed from New to New

To grant delete rights is also granting edit rights.
Correct me if I'm wrong, but stored AIPs should be under a high level of security, including preventing edits and removals (accidental or malicious).

What I'd like to see for the SIP backups is that they are removed automatically once successful transfer to the AIP store has occurred and been verified.

I can definitely understand the need to remove failed SIPs easily. While we were debugging permission issues, it was useful to have a direct representation of the permissions on the files at the time, but I think we're past that. We could add a pre-failed directory that set the permissions on all the files, then moved it to the failed directory. Feature freeze is today, so I don't believe that will be in the 0.7 release.

I've added a gksudo remove command to the thunar scripts, which I think will meet our requirements for 0.7, but I'd like to hear more about why this is considered bad practice.

#3 Updated by Courtney Mumma over 10 years ago

Hi Joseph - You are correct about stored AIPs; however, these AIPs are just sitting and waiting to be stored. We need permission to copy them onto a removable drive so that we can physically remove them from the server and upload them to our networked storage from another machine.

Everything I've read about working from root in Linux says that, for amateurs, it's not recommended. While none of you are amateurs, I certainly am : )

#4 Updated by Evelyn McLellan over 10 years ago

I agree that the archivist should be able to delete stored AIPs and failed SIPs. SIP backups should be removed automatically once the AIP has been stored. We can discuss inclusion in 0.7.

#5 Updated by Evelyn McLellan over 10 years ago

  • Status changed from New to Verified

Fixed. User can delete SIPs/AIPs through the Thunar right-click scripts in post-0.6.2. Will make separate issue of automatic deletion of SIPs from SIPbackups because it needs to be added as new feature for 0.8 (it's complicated because integrity of stored AIP should be verified before deletion takes place).

#6 Updated by Joseph Perry over 10 years ago

In regards to the working from root: This scripted solution isn't "working as root", but running a single command as root. The sudo permissions are required, because the files themselves are owned by the archivematica system, and protected against user modifications.

This arguably could be changed for the failed directory, but it is still useful for us to have an accurate representation of the file permissions at the time processing failed, and I feel the given solution will cover the desired effect (make deletes easier).
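
The verify-before-delete rule raised in comments #2 and #5, sketched as an added example (not Archivematica code and not from anyone on this ticket): a SIP backup is removed only when the stored AIP still matches its recorded SHA-256 digest. The function name, all paths and the one-line `<sha256>  <name>` checksum record are assumptions.

```shell
#!/bin/sh
# Added example. Paths, file names and the checksum-record layout are
# assumptions for illustration, not Archivematica's own layout.

# Delete a SIP backup only if the stored AIP still matches its recorded digest.
# Returns 0 = backup removed, 1 = digest mismatch (backup kept), 2 = bad input.
remove_sip_backup_if_verified() {
    aip=$1 sumfile=$2 backup=$3
    [ -f "$aip" ] && [ -f "$sumfile" ] || {
        echo "missing AIP or checksum record" >&2; return 2; }
    # Refuse symlinks so the delete cannot be redirected to another tree.
    [ -d "$backup" ] && [ ! -L "$backup" ] || {
        echo "not a plain directory: $backup" >&2; return 2; }
    expected=$(awk 'NR==1 {print $1}' "$sumfile")
    [ -n "$expected" ] || { echo "empty checksum record" >&2; return 2; }
    actual=$(sha256sum "$aip" | awk '{print $1}')
    if [ "$expected" != "$actual" ]; then
        echo "AIP digest mismatch, keeping $backup" >&2
        return 1
    fi
    rm -rf -- "$backup"
}

# Constructed demo: one intact AIP, then the same AIP after simulated damage.
demo() {
    d=$(mktemp -d) || return 2
    mkdir -p "$d/SIPbackups/sip-good" "$d/SIPbackups/sip-bad"
    printf 'constructed AIP payload\n' > "$d/stored-aip.bin"
    (cd "$d" && sha256sum stored-aip.bin > stored-aip.sha256)
    remove_sip_backup_if_verified "$d/stored-aip.bin" "$d/stored-aip.sha256" \
        "$d/SIPbackups/sip-good" && good=0 || good=$?
    printf 'damage\n' >> "$d/stored-aip.bin"   # AIP changed after storage
    remove_sip_backup_if_verified "$d/stored-aip.bin" "$d/stored-aip.sha256" \
        "$d/SIPbackups/sip-bad" && bad=0 || bad=$?
    if [ -e "$d/SIPbackups/sip-good" ]; then first=present; else first=gone; fi
    if [ -d "$d/SIPbackups/sip-bad" ]; then second=kept; else second=gone; fi
    rm -rf -- "$d"
    echo "$good $bad $first $second"
}
demo
```

The mismatch path keeps the backup and returns a distinct status, so a scheduled job can alert on it rather than silently discarding the only remaining copy.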
