From dc8e2b4c3e3a9a14c65f25ba59b4415cdf00c7e2 Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Tue, 21 Jul 2015 12:53:46 +0800
Subject: Bug 1184001 - deliver error report to sentry via cron instead of
 immediately

---
 Bugzilla/Install/Filesystem.pm | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

(limited to 'Bugzilla/Install')

diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index 4323975bc..34d0ee4ab 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -115,18 +115,19 @@ sub DIR_ALSO_WS_SERVE { _suexec() ? 0001 : 0 };
 # by this group. Otherwise someone may find it possible to change the cgis
 # when exploiting some security flaw somewhere (not necessarily in Bugzilla!)
 sub FILESYSTEM {
-    my $datadir       = bz_locations()->{'datadir'};
-    my $attachdir     = bz_locations()->{'attachdir'};
-    my $extensionsdir = bz_locations()->{'extensionsdir'};
-    my $webdotdir     = bz_locations()->{'webdotdir'};
-    my $templatedir   = bz_locations()->{'templatedir'};
-    my $libdir        = bz_locations()->{'libpath'};
-    my $extlib        = bz_locations()->{'ext_libpath'};
-    my $skinsdir      = bz_locations()->{'skinsdir'};
-    my $localconfig   = bz_locations()->{'localconfig'};
+    my $datadir        = bz_locations()->{'datadir'};
+    my $attachdir      = bz_locations()->{'attachdir'};
+    my $extensionsdir  = bz_locations()->{'extensionsdir'};
+    my $webdotdir      = bz_locations()->{'webdotdir'};
+    my $templatedir    = bz_locations()->{'templatedir'};
+    my $libdir         = bz_locations()->{'libpath'};
+    my $extlib         = bz_locations()->{'ext_libpath'};
+    my $skinsdir       = bz_locations()->{'skinsdir'};
+    my $localconfig    = bz_locations()->{'localconfig'};
     my $template_cache = bz_locations()->{'template_cache'};
-    my $graphsdir     = bz_locations()->{'graphsdir'};
-    my $assetsdir     = bz_locations()->{'assetsdir'};
+    my $graphsdir      = bz_locations()->{'graphsdir'};
+    my $assetsdir      = bz_locations()->{'assetsdir'};
+    my $error_reports  = bz_locations()->{'error_reports'};
 
     # We want to set the permissions the same for all localconfig files
     # across all PROJECTs, so we do something special with $localconfig,
@@ -207,6 +208,8 @@ sub FILESYSTEM {
         # Writeable directories
          $template_cache    => { files => CGI_READ,
                                   dirs => DIR_CGI_OVERWRITE },
+         $error_reports     => { files => CGI_READ,
+                                  dirs => DIR_CGI_WRITE },
          $attachdir         => { files => CGI_WRITE,
                                   dirs => DIR_CGI_WRITE },
          $webdotdir         => { files => WS_SERVE,
@@ -296,6 +299,8 @@ sub FILESYSTEM {
         $graphsdir              => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
         $webdotdir              => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
         $assetsdir              => DIR_CGI_WRITE | DIR_ALSO_WS_SERVE,
+        $template_cache         => DIR_CGI_WRITE,
+        $error_reports          => DIR_CGI_WRITE,
         # Directories that contain content served directly by the web server.
         "$skinsdir/custom"      => DIR_WS_SERVE,
         "$skinsdir/contrib"     => DIR_WS_SERVE,
@@ -359,6 +364,8 @@ EOT
                                           contents => HT_DEFAULT_DENY },
         "$datadir/.htaccess"         => { perms    => WS_SERVE,
                                           contents => HT_DEFAULT_DENY },
+        "$error_reports/.htaccess"   => { perms    => WS_SERVE,
+                                          contents => HT_DEFAULT_DENY },
 
         "$graphsdir/.htaccess" => { perms => WS_SERVE, contents => <<EOT
 # Allow access to .png and .gif files.
-- 
cgit v1.2.3-24-g4f1b