[pacman-dev] Directory permission checking in makepkg
Hi all, I was looking at bug FS#5908 [1] which asks for directory permissions to be checked somewhere in order to stop screwing your system when installing a poorly made package (as directory permissions get overwritten when extracting packages). This at first glance seems about a two line addition to the tidy_install function of makepkg. However, can anybody come up with a case where package directories shouldn't have 755 permissions? If so, I guess this would require either the addition of some option which would stop the directory permissions getting fixed (dirperm?) or just checking/fixing the permissions of a predetermined set of directories. If needed, which is preferable. Cheers, Allan [1] http://bugs.archlinux.org/task/5908
On Dec 6, 2007 7:35 AM, Allan McRae <mcrae_allan@hotmail.com> wrote:
Hi all,
I was looking at bug FS#5908 [1] which asks for directory permissions to be checked somewhere in order to stop screwing your system when installing a poorly made package (as directory permissions get overwritten when extracting packages).
This at first glance seems about a two line addition to the tidy_install function of makepkg. However, can anybody come up with a case where package directories shouldn't have 755 permissions? If so, I guess this would require either the addition of some option which would stop the directory permissions getting fixed (dirperm?) or just checking/fixing the permissions of a predetermined set of directories. If needed, which is preferable.
Pacman itself now does a good amount of permissions checking on install, and I believe it never overwrites an existing directory's permissions. Can anyone else verify this? -Dan
On Thu, Dec 06, 2007 at 08:06:28AM -0600, Dan McGee wrote:
On Dec 6, 2007 7:35 AM, Allan McRae <mcrae_allan@hotmail.com> wrote:
Hi all,
I was looking at bug FS#5908 [1] which asks for directory permissions to be checked somewhere in order to stop screwing your system when installing a poorly made package (as directory permissions get overwritten when extracting packages).
This at first glance seems about a two line addition to the tidy_install function of makepkg. However, can anybody come up with a case where package directories shouldn't have 755 permissions? If so, I guess this would require either the addition of some option which would stop the directory permissions getting fixed (dirperm?) or just checking/fixing the permissions of a predetermined set of directories. If needed, which is preferable.
Pacman itself now does a good amount of permissions checking on install, and I believe it never overwrites an existing directory's permissions. Can anyone else verify this?
Apparently, you made pacman skip the dir extraction when it already existed. Reinstalling filesystem a few times confirm this (with -S or -Sf), I always get the following message: warning: directory permissions differ on proc/ filesystem: 555 package: 755 One question : does a bug need to be reported for each of these problems?
On Dec 6, 2007 11:36 AM, Xavier <shiningxc@gmail.com> wrote:
On Thu, Dec 06, 2007 at 08:06:28AM -0600, Dan McGee wrote:
On Dec 6, 2007 7:35 AM, Allan McRae <mcrae_allan@hotmail.com> wrote:
Hi all,
I was looking at bug FS#5908 [1] which asks for directory permissions to be checked somewhere in order to stop screwing your system when installing a poorly made package (as directory permissions get overwritten when extracting packages).
This at first glance seems about a two line addition to the tidy_install function of makepkg. However, can anybody come up with a case where package directories shouldn't have 755 permissions? If so, I guess this would require either the addition of some option which would stop the directory permissions getting fixed (dirperm?) or just checking/fixing the permissions of a predetermined set of directories. If needed, which is preferable.
Pacman itself now does a good amount of permissions checking on install, and I believe it never overwrites an existing directory's permissions. Can anyone else verify this?
Apparently, you made pacman skip the dir extraction when it already existed. Reinstalling filesystem a few times confirm this (with -S or -Sf), I always get the following message: warning: directory permissions differ on proc/ filesystem: 555 package: 755
One question : does a bug need to be reported for each of these problems?
I'll add a bug for the filesystem package, if that's what you mean
On Thu, Dec 06, 2007 at 11:50:18AM -0600, Aaron Griffin wrote:
I'll add a bug for the filesystem package, if that's what you mean
Yes, that's exactly what I meant, thanks. I read my question again, and it was not clear indeed ;)
Xavier wrote:
On Thu, Dec 06, 2007 at 08:06:28AM -0600, Dan McGee wrote:
On Dec 6, 2007 7:35 AM, Allan McRae <mcrae_allan@hotmail.com> wrote:
Hi all,
I was looking at bug FS#5908 [1] which asks for directory permissions to be checked somewhere in order to stop screwing your system when installing a poorly made package (as directory permissions get overwritten when extracting packages).
This at first glance seems about a two line addition to the tidy_install function of makepkg. However, can anybody come up with a case where package directories shouldn't have 755 permissions? If so, I guess this would require either the addition of some option which would stop the directory permissions getting fixed (dirperm?) or just checking/fixing the permissions of a predetermined set of directories. If needed, which is preferable.
Pacman itself now does a good amount of permissions checking on install, and I believe it never overwrites an existing directory's permissions. Can anyone else verify this?
Apparently, you made pacman skip the dir extraction when it already existed. Reinstalling filesystem a few times confirm this (with -S or -Sf), <...snip> OK, I suppose FS#5908 can be closed then.
Thanks, Allan
participants (4)
-
Aaron Griffin
-
Allan McRae
-
Dan McGee
-
Xavier