[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: transition from suidmanager to dpkg-statoverride

Robert Luberda wrote:
> What about dh_fixperms? 
> It probably still removes all suid/sgid bits.  Could it  be fixed to not 
> change permission of files listed in debian/suid?

The way this is supposed to work (and the way it has always and
continues to work) is you run dh_fixperms and either use -X to exclude
specific suid binaries from processing, or explicitly set the permissions
you need afterwards. Only then did dh_suidregister run, to register
those permissions. 

I like this because I'm paranoid; it ensures that no matter how the package's
Makefile is messed up, only the binaries I chose becomes s[ug]id.

That dh_suidregister no longer runs doesn't change the general scheme,
unless you unwisely used to call it *before* dh_fixperms. In that case
you'd need to add some -X's. But I don't see any need to make it look at
the .suid files.

see shy jo

Reply to: