Bug#982067: /usr/local/lib/ocaml owned by group staff even if /etc/staff-group-for-usr-local not present

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#982067: /usr/local/lib/ocaml owned by group staff even if /etc/staff-group-for-usr-local not present
From: Sébastien Villemot <sebastien@debian.org>
Date: Sat, 06 Feb 2021 09:45:56 +0100
Message-id: <[🔎] 161260115613.32350.5813317738623047081.reportbug@rama.villemot.name>
Reply-to: Sébastien Villemot <sebastien@debian.org>, 982067@bugs.debian.org

Package: ocaml-base-nox
Version: 4.05.0-11
Severity: normal

Dear Maintainer,

The /usr/local/lib/ocaml directory (and its subdirectories), as created by the
postinst script of ocaml-base-nox, is always owned by group staff, with
permissions 2775.

This is a violation of Debian Policy §9.1.2. Those specific ownership and
permissions should only be set when the file /etc/staff-group-for-usr-local
is present. When it is not, the directory should be owned by root:root and have
permissions 0755.

Note that, since buster, new installations do not have
/etc/staff-group-for-usr-local by default, which makes this bug biting more
often.

Best,

--
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  https://sebastien.villemot.name
⠈⠳⣄⠀⠀⠀⠀  https://www.debian.org

Reply to:

Prev by Date: ocaml-parany_8.0.0-1_both.changes is NEW
Next by Date: Bug#982148: frama-c: autopkgtest failure: nothing logged
Previous by thread: ocaml-parany_8.0.0-1_both.changes is NEW
Next by thread: Bug#982148: frama-c: autopkgtest failure: nothing logged
Index(es):
- Date
- Thread