[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#568313: Suggestion: forbid the use of dpkg-statoverride in postinst scripts, except for --list

Package: debian-policy
Severity: wishlist

Regarding Debian Policy 10.9.

First, I suggest that Debian Policy require, or at least recommend,
that packages not use dpkg-statoverride to set permissions for files
with static uids and gids. In other words, if it is possible for the
maintainer to set the permissions in the package binary itself, then he

As for setting permissions for files with dynamic ids, debian policy
says that dpkg-statoverride is necessary. This is not true, or at least
misleading. Certainly the post install script should check to make sure
that there isn't any override in place before setting file permissions,
but I think it would be better to set permissions with chown and chmod
than dpkg-statoverride.

In summary, I have 2 similar suggestions:
1) require that permissions be set in the package binary for files with
static uid and gids (this is easier anyway)
2) forbid the use of dpkg-statoverride, except for getting a list of the
preferences already set by the administrator.


Attachment: signature.asc
Description: PGP signature

Reply to: