Bug#332264: tex-common: permission-handling of ls-R files is one-way
Hi Frank!
On Don, 06 Okt 2005, Frank Küster wrote:
> of debconf ("debconf is not a registry").
Ok, you are right.
> alternative suggestion in pseudocode:
>
> config
> ======
>
> do ls-R files exist? If yes:
>
> - get permissions and ownership of ls-R files for /var/cache/fonts,
> /var/lib/texmf and /usr/share/texmf
>
> - sort these files into "664files" and "644files"
>
> - check which files are in 664files, and db_set managedlsr to these
> files
>
> - db_input managedlsr, i.e. ask the question which files should be
> group-writeable. Rephrase the question so that it asks about
> "writeable by *their* group".
>
> - db_get managedlsr and change 664files to be the new selection
>
> - for(664files){
> # (we don't care about the owner at all, we only handle group
> # permissions)
> If SameGroup then {
> # in this case, we ask for group ownership and eventually change it
> CommonGroup=Group(664files)
> }
> else {
> # in this case, we don't ask about or touch group ownership
> CommonGroup=""
> }
> }
>
> - db_set groupname Commongroup
> # i.e. it gets empty when they have not the same group
>
> - If [ -n Commongroup ] then {
> # at this place, we could *maybe* introduce a new default. I'm unsure.
> db_input groupname
> }
config.in implementation proposal, please comment:
#
# first we collect those ls-R files which are group writeable in truegwrite
# and those which are not group writeable in falsegwrite
# furthermore we save the respective group and write permission in ${i}group
truegwrite=""
falsegwrite=""
for i in var cache main ; do
${i}group=""
lsr=`select_lsrfile $i`
if [ -r $lsr ] ; then
${i}group=`echo $lsr | awk '{print$4}'`
if ls -l $lsr | grep -q ^.....w ; then
$truegwrite="$truegwrite $i"
else
$falsegwrite="$falsegwrite $i"
fi
fi
done
#
# now we save the list of group writeable ls-R files to
# tex-common/managedlsr
db_set tex-common/managedlsr $truegwrite || true
#
# and ask the user to check if this selection is ok
db_input low tex-common/managedlsr || true
db_go
#
# get the answer of the users, ie what files should really be group
# writeable
db_get tex-common/managedlsr && SELECTED_LSR="$RET"
if [ -n "$SELECTED_LSR" ]; then
maybe_move_answer_and_delete groupname
maybe_move_answer_and_delete groupperm
maybe_move_answer_and_delete userperm
#
# we check wether all the group writeable files belong to the same group
# if yes, we suggest this group and ask the groupname question,
# otherwise we ignore this and do *not* play around with groups.
iscommongroup=-1
for i in $SELECTED_LSR ; do
if [ "X$iscommongroup" = "X-1" ] ; then
iscommongroup=${i}group
else
if [ ! ${i}group = $iscommongroup ] ; then
iscommongroup = ""
fi
fi
done
db_set tex-common/groupname "$iscommongroup" || true
if [ -n $iscommongroup ] ; then
db_input low tex-common/groupname || true
db_go
fi
fi
#
# we do not care for user permissions in this setting!
#
Please note that we do not care for user permissions ATM, this way.
> postinst
> ========
>
> - 664files="$RET of db_get managedlsr", 644files=allfiles NOT 664files
>
> - for(664files) {chmod g+w}
> for(644files) {chmod g-w}
>
> - groupname="$RET of db_get groupname"
>
> - If [ -n groupname ] then { for(664files) {chown :groupname}} (else nothing)
postinst.in implementation proposal, please comment:
db_get tex-common/managedlsr || true
if [ -n "$RET" ] ; then
falsegwritefiles=""
MANAGEDLSR="$RET"
for i in var cache main ; do
if echo $MANAGEDLSR | grep -q $i ; then
:
else
$falsegwritefiles="$falsegwritefiles $i"
fi
done
for i in $MANAGEDLSR ; do
lsr=`select_lsrfile $i`
chmod g+w $lsr
done
for i in $falsegwritefiles ; do
lsr=`select_lsrfile $i`
chmod g-w $lsr
done
db_get tex-common/groupname || true
LSRGROUP="$RET"
if [ -n $LSRGROUP ] ; then
for i in $MANAGEDLSR ; do
lsr=`select_lsrfile $i`
chgrp -v $LSRGROUP $lsr 2>/dev/null | fgrep changed || true
done
fi
else
echo "Fixing permissions of ls-R files ..."
chmod -v 644 $LSRS 2>/dev/null | fgrep changed || true
fi
Here it is not clear what we should do at the end, when NO group file is
selected, ie the last else clause. Probably we shouldn't touch anything
at all!
Best wishes and good night
Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining <preining AT logic DOT at> Università di Siena
sip:preining@at43.tuwien.ac.at +43 (0) 59966-690018
gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
CORRIEVORRIE (n.)
Corridor etiquette demands that one a corriedoo (q.v.) has been
declared, corrievorrie must be employed. Both protagonists must now
embellish their approach with an embarrassing combination of waving,
grinning, making idiot faces, doing pirate impressions, and waggling
the head from side to side while holding the other person's eyes as
the smile drips off their face, until with great relief, they pass
each other.
--- Douglas Adams, The Meaning of Liff
Reply to: