Do best-practices say to restrict the usage of /var to sudoers?

Posted by NewAlexandria on Super User See other posts from Super User or by NewAlexandria
Published on 2012-10-25T14:49:12Z Indexed on 2012/10/25 17:03 UTC
Read the original article Hit count: 198

Filed under:

linux

|

permissions

|

package-management

|

directory-structure

|

shared-hosting

I wrote a package, and would like to use /var to persist some data. The data I'm storing would perhaps even be thought of as an addition for /var/db.

The pattern I observe is that files in /var/db, and the surrounds, are owned by root. The primary (intended) use of the package filters cron jobs - meaning you would need permissions to edit the crontab.

Should I presume a sudo install of the package?
Should I have the package gracefully degrade to a /usr subdir, and if so then which one?
If I 'opinionate' that any non-sudo install requires a configrc (with paths), where should the package look (presuming a shared-host environment) for that config file?

Incidentally, this package is a ruby gem, and you can find it here.

© Super User or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about permissions

Mailman Error / Cpanel

as seen on Server Fault - Search for 'Server Fault'
Mailman is giving off this error when any changes are made to the list: ======================= Bug in Mailman version 2.1.14 We're sorry, we hit a bug! Please inform the webmaster for this site of this problem. Printing of traceback and other system information has been explicitly… >>> More
NTFS Permissions - Correct combinations of special access permissions

as seen on Server Fault - Search for 'Server Fault'
What would be the correct combination of NTFS special access permissions to allow an AD group (Authenticated Users) to copy files to a share, but after copying no one in the AD group should be allowed to edit, overwrite, rename, or delete the file? The AD group should also be able to copy files from… >>> More
FTP, permissions: I cannot see permissions but I can change them

as seen on Super User - Search for 'Super User'
hi, I'm browsing a server with my ftp client. When I try to get the information about a folder, I cannot see the permissions (all rwx checkboxes are uncecked). If i try to check one of it, the opeartion is succesfull (I don't get any error), but then when I come back it is again unchecked. What… >>> More
Snow Leopard doesn't repair permissions, despite showing / saying its fixed them?

as seen on Super User - Search for 'Super User'
Sometime ago, I used carbon copy as I was replacing my hard drive in my Mac Mini running Snow Leopard. Afterwards, on my new drive I had some permission problems. I've tried several times running a repair permissions / repair disk from disk util. It shows that there are problems and I think it says… >>> More
IIS Permissions or NTFS Permissions?

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I currently have a Windows Server 2003 setup to serve multiple sites via IIS. One of our directories needs to allow access to only 1 specific AD Security Group. I know there are two ways to accomplish this. One is using IIS to add permissions and the other is to set permissions on the folder/directory… >>> More