Bug#69609: Debconfize ls-R permissions?
Adam C Powell IV wrote:
C.M. Connelly wrote:
"AP" == Adam C Powell IV <hazelsct@mit.edu>
Adam,
AP> If you like, I can try to make a patch to debconfize this,
AP> with two yes/no questions on whether to make it group- or
AP> world-writable, and if group is yes, then it requests a
AP> string for the group name. I'd make the defaults group
AP> but not world-writable and group name "users", with
AP> priority "low" or "medium".
AP> Makes sense? Would you accept the patch?
Yes, please do. We might not adopt the patch intact, but having
someone get it mostly done would still be a huge step forward.
Okay, I'll work on it over the next couple of days. It will mostly
consist of a .config and small patch to .postinst.
Well, so much for "next couple of days". I finally got some time
yesterday, and the attached patch seems to work. I haven't tried
building the package around it (was on the road and couldn't get the
build-depends), but substituting the files in /var/lib/dpkg/info and
running dpkg-reconfigure tetex-bin works nicely.
I moved the permissions section to the end of postinst, after the notice
about texconfig, this should clear up the confusion about how to set the
permissions which was also mentioned in this bug.
Sorry to take so long, hope this helps!
--
-Adam P.
GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6
Welcome to the best software in the world today cafe!
<http://lyre.mit.edu/%7Epowell/The_Best_Stuff_In_The_World_Today_Cafe.ogg>
diff -urN debian.old/config debian/config
--- debian.old/config Wed Dec 31 19:00:00 1969
+++ debian/config Sun Sep 22 20:06:13 2002
@@ -0,0 +1,19 @@
+#!/bin/sh -e
+
+# Use debconf.
+. /usr/share/debconf/confmodule || exit
+db_version 2.0
+
+db_input high tetex-bin/managelsrperms || true
+db_go
+
+db_get tetex-bin/managelsrperms
+if [ x"$RET" == x"true" ]; then
+ db_beginblock
+ db_input medium tetex-bin/groupname || true
+ db_input low tetex-bin/groupperm || true
+ db_input low tetex-bin/userperm || true
+ db_endblock
+fi
+
+db_go
diff -urN debian.old/postinst debian/postinst
--- debian.old/postinst Tue Apr 9 10:45:28 2002
+++ debian/postinst Sun Sep 22 20:12:24 2002
@@ -6,6 +6,10 @@
exit 0
fi
+# Use debconf.
+. /usr/share/debconf/confmodule || exit
+db_version 2.0
+
install-info --quiet --section teTeX teTeX --menuentry="Kpathsea" --description="File lookup along search paths." /usr/share/info/kpathsea.info
install-info --quiet --section teTeX teTeX --menuentry="Web2c" --description="TeX, Metafont and companion programs." /usr/share/info/web2c.info
install-info --quiet --section teTeX teTeX --menuentry="dvips" --description="Translating TeX DVI files to PostScript." /usr/share/info/dvips.info
@@ -107,9 +111,6 @@
echo
fi
-echo Fixing permissions of ls-R files ...
-chmod -v 644 /var/lib/texmf/ls-R /var/lib/texmf/ls-R.local /var/spool/texmf/ls-R 2>/dev/null | fgrep changed || true
-
# register xdvi for mime
if [ -x /usr/sbin/update-mime ]; then
update-mime
@@ -132,5 +133,31 @@
echo If you want to change the default settings,
echo use $TEXCONFIG_P to configure teTeX.
echo
+
+db_get tetex-bin/managelsrperms || true
+if [ x"$RET" == x"true" ]; then
+ echo Fixing permissions and group of ls-R as specified by debconf ...
+
+ db_get tetex-bin/groupperm || true
+ if [ x"$RET" == x"true" ]; then
+ LSRPERMS=66
+ else
+ LSRPERMS=64
+ fi
+ db_get tetex-bin/userperm || true
+ if [ x"$RET" == x"true" ]; then
+ LSRPERMS="$LSRPERMS"6
+ else
+ LSRPERMS="$LSRPERMS"4
+ fi
+
+ chmod -v $LSRPERMS /var/lib/texmf/ls-R /var/lib/texmf/ls-R.local /var/spool/texmf/ls-R 2>/dev/null | fgrep changed || true
+
+ db_get tetex-bin/groupname || true
+ chgrp -v $RET /var/lib/texmf/ls-R /var/lib/texmf/ls-R.local /var/spool/texmf/ls-R 2>/dev/null | fgrep changed || true
+else
+ echo Fixing permissions of ls-R files ...
+ chmod -v 644 /var/lib/texmf/ls-R /var/lib/texmf/ls-R.local /var/spool/texmf/ls-R 2>/dev/null | fgrep changed || true
+fi
#DEBHELPER#
diff -urN debian.old/templates debian/templates
--- debian.old/templates Wed Dec 31 19:00:00 1969
+++ debian/templates Sun Sep 22 20:07:54 2002
@@ -0,0 +1,35 @@
+Template: tetex-bin/managelsrperms
+Type: boolean
+Default: true
+Description: Use debconf to manage permissions of ls-R files?
+ The metafont program can store fonts generated by users running xdvi, dvips,
+ etc. so they need not be re-generated repeatedly. They are stored in
+ /var/lib/texmf and /var/spool/texmf, with "ls-R" file lists showing where the
+ font files are stored.
+ .
+ Answering `yes' here will allow you to easily manage the permissions of those
+ ls-R files using debconf.
+
+Template: tetex-bin/groupname
+Type: string
+Default: users
+Description: Which group should own the ls-R files?
+ Modification of ls-R files can be restricted to the members of one group which
+ owns them. To take advantage of this, add the users to the group of your
+ choice, and enter that group name here. The default group `users' is
+ appropriate for most systems.
+
+Template: tetex-bin/groupperm
+Type: boolean
+Default: true
+Description: Allow group members to modify ls-R files?
+ Answering `yes' here will allow members of the owning group to modify the ls-R
+ files.
+
+Template: tetex-bin/userperm
+Type: boolean
+Default: false
+Description: Allow all users to modify ls-R files?
+ Answering `yes' here will allow all users to modify ls-R files. This is
+ generally not a good idea for security reasons; you should instead restrict
+ such access to members of one group.
Reply to: