makepkg creates corrupted package if default setfacl is used

David Cohen dacohen at pm.me
Sun Sep 26 04:54:19 UTC 2021


Hi,

I set my home dir with "setfacl -d -m u::rwx". That means files and
directories created will have no permission for 'group' and 'others'.
Afte installing the AUR python-proton-client, I got some of the
following installed files as:

$ ls -lh
/usr/lib/python3.9/site-packages/proton_client-0.6.1-py3.9.egg-info
total 28K
-rw------- 1 root root 1 Sep 25 23:05 dependency_links.txt
-rw------- 1 root root 8.8K Sep 25 23:05 PKG-INFO
-rw------- 1 root root 39 Sep 25 23:05 requires.txt
-rw------- 1 root root 609 Sep 25 23:05 SOURCES.txt
-rw------- 1 root root 7 Sep 25 23:05 top_level.txt

The files inherited the default ACL, but for root user, making the
files unaccessible for non root users.

If this is an expected behavior, makepkg should give a warning in case
default ACL is set. If not, this is a bug to be addressed.
Can someone confirm this?

IMO the created packages should be agnostic WRT default ACL (i.e. it
should enforce permission 755 for directories and 644 for files by
default), unless the build script overrides with a custom ACL.

Thanks,

David





More information about the pacman-dev mailing list