[arch-general] pacman caches packages with u=rw, g=, o= permissions

[mpan]

> According to
> https://wiki.archlinux.org/title/System_maintenance#Partial_upgrades_are_unsupported
> pacman -Sywu is not safe. But pacman -Syu is safe. Quoting the wiki, the
> rational is that pacman -Sywu
>      will update the pacman sync database without installing the newer packages.
> What I fail to see is why pacman -Sywu, followed by pacman -Su,
> 1. Will update the pacman sync database without installing the newer packages.
> But then
> 2. Will not update the pacman sync database while installing the
>     packages it has prevoiusly downloaded.
   If `-Sywu` is *immediately* followed by `-Su` then there is no risk 
of running into a partial upgrade, but:

  1) Then there is normally no reason to run those as separate commands,
     as `-Sywu` immediately followed by `-Su` has no benefits compared
     to simple `-Syu`. `-Sywu` is used to avoid the update, but download
     package files to the cache.
  2) You are mentioning a system timer, so I assume `-Sywu` is not
     immediately followed by `-Su`. Unless you are also running
     unattended updates, which is even worse and *will* eventually
     break your system.

   `checkupdates -d` does exactly the same as `-Sywu`, but without 
updating the system-wide sync databases. So pacman’s view of everything 
remains the same as if nothing was updated. It only gets package files 
in the cache.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20220119/ca519c77/attachment.sig>