[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#568313: Suggestion: forbid the use of dpkg-statoverride in postinst scripts, except for --list

On Thu, 4 Feb 2010 12:36:34 +1300
martin f krafft <madduck@debian.org> wrote:

> also sprach Russ Allbery <rra@debian.org> [2010.02.04.1222 +1300]:
> > If you set the permissions with chown, aren't they overwritten
> > every time the package is upgraded and then have to be reset again,
> > leaving windows on every upgrade when they have the wrong
> > permissions?
> Maybe dpkg could be taught to preserve permissions on files that
> already exist (i.e. on upgrades)?

Actually, that is exactly what dpkg-statoverride is for. Administrators
can set overrides, which prevents dpkg from overwriting permissions.

If dpkg just didn't overwrite permissions, then when package
maintainers actually do need to change permissions on files that they
had set with previous packages, they couldn't. gpg, for example, was
set 4755 some time ago, to prevent paging your passwords to disk. Then
some time later, that no longer required root permissions, so gpg was
set to 755. If dpkg never overwrote permissions, then gpg would not
have been able to update these permissions on upgrade.


Attachment: signature.asc
Description: PGP signature

Reply to: