Bug#538392: group staff: moving forward

[Don Armstrong <don@debian.org>]

On Tue, 11 Aug 2009, Santiago Vila wrote:
> Could we please move the default to 755, not 2775, like every other
> "normal" directory in Debian? There is little point in keeping those
> directories world-writable if they stop being owned by group staff.

The group for the directories can still be staff, it should just not
be writable by group staff by default [but configurable by users to
be, with that configuration respected.]

/usr/local isn't a normal subdirectory tree, as nothing should be
shipped in it by Debian packages.

I had assumed that basefiles would do something like the following:

1) if group staff has non-root users:
  - ask if /usr/local should be writable by staff
    * yes: bail out; don't ask this question again
    * no: continue to 2

2) make /usr/local and it's subdirectories which are root:staff 2775
   either 2755 or 0755, root:root or root:staff; don't really care
   which; don't do this step ever again upon completion.

packages making subdirectories of /usr/local would do something like;

3) if [ -e /path/to/foo/ ]; then
      if mkdir -m=$(stat -c %a /usr/local) /path/to/foo 2>/dev/null; then
      	 chgrp $(stat -c %g /usr/local) /path/to/foo;
      fi;
   fi;

for each of the subdirectories created, as appropriate.


Don Armstrong

-- 
This isn't life in the fast lane, it's life in the oncoming traffic
 -- Terry Pratchett

http://www.donarmstrong.com              http://rzlab.ucr.edu