[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#352394: tex-common: permission scheme for /var/cache/fonts

On Mon, 13 Feb 2006, Frank Küster wrote:
> If we do this, why not drop any special handling of TEXMFMAIN and
> TEXMFVAR completely?  Local admins with special needs can always use
> dpkg-statoverride. 

Proposal:

config.in:
...balblabla...
# and unregister old tex-common questions, they are not needed anymore
db_unregister tex-common/groupperm || true
db_unregister tex-common/userperm || true
db_unregister tex-common/managedlsr || true


# there was a bug in 0.9 that caused debconf answers to have no effect:
# reset the seen flag
if [ "$installed_version" = 0.9 ]; then
  db_fset tex-common/managecache seen false || true
  db_fset tex-common/groupname seen false || true fi
# this script may be run twice: Once by dpkg-preconfigure, once again by
# debconf when it is sourced in the postinst script.  We must do the
# following only once, therefore we fiddle with a special flag
db_fget tex-common/managecache firstpass || true

if [ "$RET" != "true" ]; then
  # we are in the first pass, set the flag and do the things
  db_fset tex-common/managecache firstpass true

  # check wether the directory /var/cache/fonts is group writeable and 
  # for which group
  PERMS=$(stat --format="%a" /var/cache/fonts)
  GROUP=$(stat --format="%G" /var/cache/fonts)
  if [ $PERMS = 2775 ] ; then
    db_set tex-common/managecache true || true
    db_set tex-common/groupname "$GROUP" || true
  else
    db_set tex-common/managecache false || true
  fi
  db_input low tex-common/managecache || true
  db_go

  db_get tex-common/managecache && SELECTED_LSR="$RET" || true
  if [ "$RET" = true ]; then
    db_input low tex-common/groupname || true
    db_go
  fi
fi
===================================================0

postinst part:
    db_get tex-common/managecache || true
    if [ $RET = true ] ; then
      db_get tex-common/groupname || true
      GROUP="$RET"
      if [ -n "$GROUP" ] ; then
        for i in /var/cache/fonts /var/cache/fonts/pk /var/cache/fonts/tfm /var/cache/fonts/source ; do
          chmod 02775 $i
          chown "root.$GROUP" $i
        done
      fi
    fi

==========================================================0

much simpler and nice.

Only think we should think about is the part in the postinst part: Do we
want to recursively change *all* directories (there could be some old
ones present) to 02755? I.e.
	find /var/cache/fonts -type d -exec chmod 02755 '{}' \;
instead of the for i in ... construct ...

Best wishes

Norbert

-------------------------------------------------------------------------------
Dr. Norbert Preining <preining AT logic DOT at>             Università di Siena
gpg DSA: 0x09C5B094      fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
SCRONKEY (n.)
Something that hits the window as a result of a violent sneeze.
			--- Douglas Adams, The Meaning of Liff
Reply to: