diff options
| author | Niels Thykier <niels@thykier.net> | 2018-04-07 19:05:34 +0000 |
|---|---|---|
| committer | Niels Thykier <niels@thykier.net> | 2018-04-07 19:05:34 +0000 |
| commit | d2a3b1587bee63f5019fab23725bf1a096e01dab (patch) | |
| tree | d52457dd8df2344f5c61194beb1636d2c898a298 | |
| parent | c7a3a4bd757a40d3834c000af2917a381eed9c9d (diff) | |
| download | debhelper-d2a3b1587bee63f5019fab23725bf1a096e01dab.tar.gz | |
dh_usrlocal: Use default owner+mode from Policy v4.1.4
Signed-off-by: Niels Thykier <niels@thykier.net>
| -rw-r--r-- | autoscripts/postinst-usrlocal | 17 | ||||
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rwxr-xr-x | dh_usrlocal | 29 | ||||
| -rwxr-xr-x | t/dh_usrlocal/01-basic.t | 2 |
4 files changed, 35 insertions, 15 deletions
diff --git a/autoscripts/postinst-usrlocal b/autoscripts/postinst-usrlocal index ca207488..e856e0f8 100644 --- a/autoscripts/postinst-usrlocal +++ b/autoscripts/postinst-usrlocal @@ -1,12 +1,25 @@ if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ]; then ( + default_mode=0755 + default_user=root + default_group=root + if [ -e /etc/staff-group-for-usr-local ]; then + default_mode=02775 + default_group=staff + fi while read line; do set -- $line dir="$1"; mode="$2"; user="$3"; group="$4" + if [ "$mode" = "default" ]; then + mode="$default_mode" + user="$default_user" + group="$default_group" + fi if [ ! -e "$dir" ]; then if mkdir "$dir" 2>/dev/null; then - chown "$user":"$group" "$dir" - chmod "$mode" "$dir" + if chown "$user":"$group" "$dir" ; then + chmod "$mode" "$dir" || true + fi fi fi done diff --git a/debian/changelog b/debian/changelog index dd465fd2..ca1559a4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -24,6 +24,8 @@ debhelper (11.2) UNRELEASED; urgency=medium Schauer for the suggestion. * dh_usrlocal: Implement a simple guard for directories that will likely cause issues in the shell snippets. + * dh_usrlocal: Use the new rules from Debian Policy 4.1.4 to + determine the default ownership and mode for directories. [ Nicolas Boulenguez ] * dh_installxfonts: Fix typo that causes a misc:Depends on diff --git a/dh_usrlocal b/dh_usrlocal index 93bf3d6b..cda686f2 100755 --- a/dh_usrlocal +++ b/dh_usrlocal @@ -33,18 +33,19 @@ snippets are inserted into the maintainer scripts by B<dh_installdeb>. See L<dh_installdeb(1)> for an explanation of debhelper maintainer script snippets. -When the I<Rules-Requires-Root> field is not (effectively) -I<binary-targets>, the directories in F</usr/local> will have -ownership root:staff and the mode will be 02775. These values have -been chosen to comply with the recommendations of the Debian policy -for directories in F</usr/local>. +When the I<DEB_RULES_REQUIRES_ROOT> environment variable is not (effectively) +I<binary-targets>, the directories in F</usr/local> will be handled as if +they were owned by root:root (see below). -When I<Rules-Requires-Root> has an effective value of +When the I<DEB_RULES_REQUIRES_ROOT> environment variable has an effective value of I<binary-targets>, the owners, groups and permissions will be -preserved with one exception. If the directory is owned by root:root, -then ownership will be reset to root:staff and mode will be reset to -02775. This is useful, since that is the group and mode policy -recommends for directories in F</usr/local>. +preserved with the sole exception where the directory is owned by root:root. + +If a directory is owned by root:root, then ownership will be determined +at install time. The ownership and permission bits will either be root:root +mode 0755 or root:staff mode 02775. The actual choice depends on whether +the system has F/etc/staff-group-for-usr-local> (as documented in the Debian +Policy Manual ยง9.1.2 since version 4.1.4) =head1 OPTIONS @@ -107,7 +108,9 @@ foreach my $package (@{$dh{DOPACKAGES}}) { if (should_use_root()) { my $stat = stat $File::Find::dir; if ($stat->uid == 0 && $stat->gid == 0) { - push @dirs, "$fn 02775 root staff"; + # Figure out the ownership and permission at runtime + # (required by Policy 9.1.2) + push(@dirs, "$fn default"); } else { my $user = getpwuid $stat->uid; my $group = getgrgid $stat->gid; @@ -115,7 +118,9 @@ foreach my $package (@{$dh{DOPACKAGES}}) { push @dirs, "$fn $mode $user $group"; } } else { - push @dirs, "$fn 02775 root staff"; + # Figure out the ownership and permission at runtime + # (required by Policy 9.1.2) + push(@dirs, "$fn default"); } }}, "$tmp/usr/local"); diff --git a/t/dh_usrlocal/01-basic.t b/t/dh_usrlocal/01-basic.t index e79e615b..2cd3f842 100755 --- a/t/dh_usrlocal/01-basic.t +++ b/t/dh_usrlocal/01-basic.t @@ -51,7 +51,7 @@ sub perform_test { @prerm = extract_generated_lines("debian/debhelper.prerm.debhelper"); is_deeply(\@postinst, - [map { "$_ 02775 root staff" } @{$expected_dirs_postinst}], + [map { "$_ default" } @{$expected_dirs_postinst}], "Correct postinst" ) or do { diag("postinst: $_") for @postinst; }; is_deeply(\@prerm, |