Our Apache server is proxying Hudson, while serving its static content directly.
As Apache workers are run by user www-data and group www-data, they're not entitled to access /var/run/hudson and /var/lib/hudson since they're only group readable (hudson:adm).
This comes from the fact the .deb package postinst script performs:
- chown hudson:adm on /var/run/hudson and /var/lib/hudson. Why "adm"?
- chmod 750 on /var/run/hudson and /var/lib/hudson. Why not user readable?
Could you please amend the postinst script so that:
- either it just set access rights at first installation time, so that my custom changes are not reset at upgrade time.
- or it uses: chmod 755.
- or it uses: chown hudson:www-data.
- or, simpler, it doesn't deal with such things at all.