Restrict File Permissions

[katauber]

Resolves #133

[Phu2]

During deployment using docker for testing purposes i get

=> ERROR [13/13] RUN lein release 

[...]
 
#0 36.02 Could not find artifact org.metafacture:metafix:jar:0.6.1 in central (https://repo1.maven.org/maven2/)
#0 36.02 Could not find artifact org.metafacture:metafix:jar:0.6.1 in clojars (https://repo.clojars.org/)

[...]
#0 36.02 Suppressed exit
------
failed to solve: process "/bin/sh -c lein release" did not complete successfully: exit code: 1

How can i resolve this error?

[Phu2]

Ah, resolved. I was using the wrong 0.6.0-rc3 tag.

[Phu2]

Deployed docker version to http://test-metadaten-nrw.hbz-nrw.de:3100/
All main examples are working.

[dr0i]

Is this PR only deployed in docker containers? I ask because of #135.

[Phu2]

I just wanted to be sure that these settings also work in the container with node:18.13.0-buster as the base image atm.
We have seen in the past that the required permissions varies between (local) environments and docker container.

[katauber]

I didn't deployed it yet.
I think the changes of #135 are on the server already before there was the pull request. I think this issue mixed two things together: on one hand incorrect syntax of a permission and on the other hand the fact, that lobid-organisations is affected by the .java-policy.
The PR that I merged today does only solve the first thing.
In my opinion the second thing is nothing that I can solve. It's the concept of the java.policy and the Security Manager that's a policy for the whole environment and not for one project. That's no error.

[dr0i]

ok I see: a) we have tested containers and b) I will test on metal (where several other java apps might be affected)

[dr0i]

Not good:

2023-09-29T13:21:45+0200] error : 'nwbib' failed to start (exit status -1) -- '/home/sol/git/nwbib/monit_restart.sh nwbib start 8000 -Xmx2048m,-Xms2048m': Program timed out -- java.security.policy: Fehler beim Hinzufügen von Berechtigung, java.net.URLPermission:
java.lang.IllegalArgumentException: Invalid URL string: ""
[2023-09-29T13:22:16+0200] error : 'rpb' failed to start (exit status -1) -- '/home/sol/git/rpb/monit_restart.sh rpb start 1991 -Xmx2048m,-Xms1024m': Program timed out -- java.security.policy: Fehler beim Hinzufügen von Berechtigung, java.net.URLPermission:
java.lang.IllegalArgumentException: Invalid URL string: ""
[2023-09-29T13:22:52+0200] error : 'lobid-gnd' failed to start (exit status -1) -- '/home/sol/git/lobid-gnd/monit_restart.sh lobid-gnd start 7100': Program timed out -- java.security.policy: Fehler beim Hinzufügen von Berechtigung, java.net.URLPermission:
java.lang.IllegalArgumentException: Invalid URL string: "*"

[dr0i]

After discussion offline with @katauber : these URL permission problems are already solved and in master but not in this branch. So they are no problem here.