On Thu, Apr 26, 2007 at 08:46:09PM +0200, Evgeni Golov wrote: > On Thu, 26 Apr 2007 12:38:49 -0500 Luis Rodrigo Gallardo Cruz wrote: > > > > Hm, could you explain that a bit more? I need the binary setuid-root, > > > so $USER is able to write to /sys/class/backlight/ > > > I previously used install -M 4755 in debian/rules, but this did not > > > work, because I don't build as root : ( > > > > Oh, ok. Well, packages *need* to be built as root, precisely so that > > they can have any set of needed ownerships and permissions. You can > > use fakeroot to do the build. > > I _USE_ fakeroot. > And after the install /usr/bin/brightd is 0755, because only root (and > not fakeroot) can setuid - if this would not be like this, everyone > could create suidroot binaries... Wrong. suid works under fakeroot (I actually ran it to check). What happened in your package is that dh_fixperms strips suid bits from files (see man dh_fixperms). Sorry for not noticing that before. (And yes, anyone can run fakeroot and create a binary that, under fakeroot, looks as if it had suid bits. Does not matter, since it doesn't really have them.) > So can I just chmod in debian/rules and hope the package will be > rebuild as root on the buildds? No, you *also* need to ensure dh_fixperms does not strip the bits away. Change the call to dh_fixperms -X usr/bin/brightd -- Rodrigo Gallardo GPG-Fingerprint: 7C81 E60C 442E 8FBC D975 2F49 0199 8318 ADC9 BC28
Attachment:
signature.asc
Description: Digital signature