[cmake-developers] [CPackDeb][libarchive] removing use of fakeroot and supporting UID/GID/UNAME etc in libarchive
Raffi Enficiaud
raffi.enficiaud at mines-paris.org
Tue Sep 15 04:11:00 EDT 2015
Le 15/09/15 08:43, Domen Vrankar a écrit :
> 2015-09-14 23:49 GMT+02:00 Raffi Enficiaud <raffi.enficiaud at mines-paris.org>:
>> Le 14/09/15 23:34, Domen Vrankar a écrit :
>>>>
>>>> Thank you. However those two test are not mutually exclusive. I think
>>>> having
>>>> them on lintian is also a good thing.
>>>
>>>
>>> I've tried your test change before but lintian test complained that
>>> 775 are invalid permissions (should be 755). Is this caused by a
>>> different version of lintian or should I just modify your test to use
>>> 755 permissions and apply that?
>>>
>>
>> That's very good that it fails :)
>>
>> I tested on Ubuntu 14.04, maybe Debian distributions are even more strict.
>> Apparently the files that "file(WRITE ...)" created on your system are with
>> 775. I believe the problem lies in the "file(" commands rather than on a
>> different version of lintian.
>>
>> OTOH, I can see from this:
>>
>> https://lintian.debian.org/tags/control-file-has-bad-permissions.html
>>
>> that all files should have at least a permission mask set to ~S_IWGRP &
>> ~S_IWOTH (with "control_tar.SetPermissionsMask(~S_IWGRP & ~S_IWOTH)"), so
>> that the executable bit is left unchanged and the write bit is cleared for
>> group and others (755 and 644).
>>
>> What do you think?
>
> You are correct. I've reinstalled my virtual machine and retested with
> "control_tar.SetPermissionsMask(~S_IWGRP & ~S_IWOTH)" and it would
> seem that there was an issue in my testing environment - before this
> did not work as expected on my machine. Same goes for default
> permissions being 664/775 instead of 644/755.
>
> I would keep md5 checksum file permissions on 644 with SetPermissions
> and add SetPermissionsMask from above for the rest of control files.
> Would you agree?
From this (thanks to lintian now I have the proper link :) )
https://lintian.debian.org/tags/control-file-has-bad-permissions.html
https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
all control files:
- should be owned by root:root (+ I would say uid/gid 0/0, because root
may be mapped) which is the case now
- should be 755 or 644, depending if they are executable or not
The number of files that should be 755 are limited to (according to
linitian) config, postinst, postrm, preinst, and prerm. All others
should be 644.
So I would say without loss of generality, we can set the permission to
644 except for those config, postinst... files . I can send you a patch
based on 76c59007dd3944e23848b7d5912a59a7d3db6398 today (and update the
doc accordingly).
Is that good for you?
Raffi
More information about the cmake-developers
mailing list