[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ltib] World writable dirs in ltib
From: |
Stuart Hughes |
Subject: |
Re: [Ltib] World writable dirs in ltib |
Date: |
Fri, 10 Jul 2009 11:41:50 +0100 |
User-agent: |
Thunderbird 2.0.0.16 (X11/20080707) |
Svein Seldal wrote:
Stuart Hughes wrote:
My core point is that I propose a fix where you don't need 777
permissions on either of these directories.
The patch for rpm-fs*.rpm does not set the permissions for the two
areas above to root (with 777). Instead it will use the owner of the
build user for these directories. This ensures that the dirs will
work when you're on a single user machine (which most are, I guess).
For those of us on multiuser machines, the sysop would need to change
the permissions accordingly.
Next the patch for ltib properly tests the access to pkg cache (by
using access() instead of just looking at the file permissions). And
it will not change the permissions in case of wrong access.
I will take another look at these and get back to you.
Would you please consider the patch for the ltib at least. It does the
following tests for the lpp:
1) -e and mkdir if not
2) -d and die if not (in case the file does exist as something else)
3) -r and -w using access()
The latter is my most important and prudent point. -r and -w will by
default only check the user r and w bits of the file's permissions. Same
will stat(). By instructing perl to use access() it can check if the
user really has -r or -w access (via ACL or by group/world permissions).
However, without going into a discussion, I would not recommend doing a
chmod in case no 3) fails.
How about the attached patch?
Regards, Stuart
Index: ltib
===================================================================
RCS file: /sources/ltib/ltib/ltib,v
retrieving revision 1.39
diff -u -r1.39 ltib
--- ltib 10 Jul 2009 10:06:05 -0000 1.39
+++ ltib 10 Jul 2009 10:40:01 -0000
@@ -2513,17 +2513,29 @@
$cf->{lpp}
Either change to a global directory you have write permissions to,
-or create it as root. Please set the permissions to 777
+or create it as root. Please set the permissions to 777, or something
+that will enable you and anyone else working on this machine to
+be able to create files in that directory.
TXT
}
- my $lpp_mode = (stat("$cf->{lpp}"))[2];
- unless( ($lpp_mode & 040777) == 040777 ) {
- chmod(0777, $cf->{lpp}) == 1 or die <<TXT;
+ if(! -d $cf->{lpp} ) {
+ die <<TXT;
-Build script aborting as the lpp directory is not configured properly.
-Directory: $cf->{lpp} must exist with read, write, and search
-permissions for owner, group, and world, i.e. drwxrwxrwx
+The download area (lpp): $cf->{lpp} exists but is not a directory.
+
+The default download area normally set to $cf->{defpfx}/pkgs.
+If you have changed this, please carefully re-check this setting.
+
+TXT
+ }
+ use filetest 'access';
+ unless(-w $cf->{lpp} && -r $cf->{lpp}) {
+ die <<TXT;
+
+Build script aborting as the lpp download directory is not configured properly.
+This directory: $cf->{lpp}
+must have read, write, and search permissions for the user: $cf->{username}
TXT
}
- [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/06
- Re: [Ltib] World writable dirs in ltib, Stuart Hughes, 2009/07/07
- Re: [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/07
- Message not available
- Re: [Ltib] World writable dirs in ltib, Stuart Hughes, 2009/07/08
- Re: [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/08
- Re: [Ltib] World writable dirs in ltib, Stuart Hughes, 2009/07/09
- Re: [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/09
- Re: [Ltib] World writable dirs in ltib, Stuart Hughes, 2009/07/09
- Re: [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/09
- Re: [Ltib] World writable dirs in ltib,
Stuart Hughes <=
- Re: [Ltib] World writable dirs in ltib, Svein Seldal, 2009/07/10
- Re: [Ltib] World writable dirs in ltib, Stuart Hughes, 2009/07/10