I’m writing this post just to keep things straight in my head so I can decide how best to resolve this issue.
FreshPorts uses /var/db/freshports/cache/spooling on both the ingress jail and the nginx jail.
The nginx jail uses it for caching content. Page details are first spooled into /var/db/freshports/cache/spooling before moving it to /var/db/freshports/cache/ports.
The ingress jail uses this for refreshing various cached items.
This directory is configured by the FreshPorts-Scripts package, which is installed in both jails.
The problem: this directory is created chown freshports:freshports but it needs to be chown www:freshports in the jail.
My first question is: why does the nginx jail need the FreshPorts-Scripts package? It contains ingress related scripts. By that, I mean scripts related to incoming commits and the code to get them into the FreshPorts database.
How does it get into the jail?
[dan@x8dtu-nginx01:~] $ sudo pkg delete FreshPorts-Scripts Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 3 packages (of 0 packages in the universe): Installed packages to be REMOVED: FreshPorts-Scripts-1.1.15 py27-freshports-fp-listen-1.0.10_3 freshports-www-1.2.6 Number of packages to be removed: 3 The operation will free 4 MiB. Proceed with deinstalling packages? [y/N]: n
Two other ports require it.
Ahh, yes, the fp-listen daemon needs the scripts:
[dan@x8dtu-nginx01:~] $ ps auwwx | grep fp-listen root 35775 0.0 0.0 4244 1944 - IJ 17:58 0:00.00 supervise fp-listen freshports 35777 0.0 0.0 21076 16392 - SJ 17:58 0:00.43 /usr/local/bin/python2.7 /usr/local/lib/python2.7/site-packages/fp-listen/fp-listen.pyc dan 74034 0.0 0.0 6660 2532 2 S+J 18:57 0:00.00 grep fp-listen [dan@x8dtu-nginx01:~] $
That’s going to be running on nginx regardless. That daemon listens to the PostgreSQL database for updates and clears the relevant portions of on-disk cache.
At first, I was trying to figure out what was installing the www user on the nginx jail. Then I realized, with help, that the www user is installed by default after having been added back in 2001.
It was originally added in 2001.
I see a solution:
- chown www:freshports
- chmod 775
That translates to this entry in the pkg-plist file:
@dir(www,freshports,775) %%FP_DATADIR%%/cache/spooling
That seems to fix the rename errors I was seeing:
2019/05/25 18:32:33 [error] 35875#100912: *4277 FastCGI sent in stderr: "PHP message: PHP Warning: rename(/tmp/ports.dns.odsclient.Detail.head.PageSize100.PageNum1.html.tmpmuB0Ah,/var/db/freshports/cache/ports/dns/odsclient/Detail.h ead.PageSize100.PageNum1.html): Operation not permitted in /usr/local/www/freshports/classes/cache.php on line 83" while reading response header from upstream, client: 64.233.172.83, server: www.freshports.org, request: "GET /dns/odsclient HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "www.freshports.org"
Thanks for coming to my TED talk.
