Ticket #2171 (closed defect: fixed)
directory permissions on make install
| Reported by: | jelte | Owned by: | muks |
|---|---|---|---|
| Priority: | medium | Milestone: | Sprint-20120821 |
| Component: | build system | Keywords: | |
| Cc: | CVSS Scoring: | ||
| Sensitive: | no | Defect Severity: | N/A |
| Sub-Project: | DNS | Feature Depending on Ticket: | |
| Estimated Difficulty: | 0 | Add Hours to Ticket: | 0 |
| Total Hours: | 0.53 | Internal?: | no |
Change History
comment:2 Changed 11 months ago by muks
There are two places where $prefix/var/bind10-devel/ directory is created. One is in src/bin/cfgmgr/Makefile.am and second in src/bin/loadzone/Makefile.am in the install-data-local rules.
The second one (loadzone) should be deleted.
We may not want to do more than this. It's up to the packager to decide what the uid/gid of the directory should be. But the directory should have g+s,g+w permissions (mode 2770).
If we are going to set the mode, we should do it by adding another rule install-data-hook after the install-data-local rule and putting the chmod command there.
comment:3 Changed 11 months ago by muks
I tried this in a branch before describing the above (the g+s,g+w is required for the logger lockfile and anything else we want to create under that dir), so I'll push and put it to review.
comment:4 Changed 11 months ago by muks
- Owner set to UnAssigned
- Status changed from new to reviewing
comment:6 follow-up: ↓ 7 Changed 11 months ago by vorner
- Owner changed from vorner to muks
I agree with the removing of one installation rule.
But just to make sure, what is the reason for writable for a group? Shouldn't it be only for the user bind10 runs as?
Thank you
comment:7 in reply to: ↑ 6 Changed 10 months ago by muks
- Owner changed from muks to vorner
Hi vorner
Replying to vorner:
But just to make sure, what is the reason for writable for a group? Shouldn't it be only for the user bind10 runs as?
User is fine if BIND 10 components are the only processes that create items in that directory. There could be other programs such as 3rd-party frontends and even other users who the admin has configured to write in that directory. Processes running as these users may create or modify (create+rename) files. Setting g+s means that these files are still accessible to BIND 10 as well as other such users in the group, as files and sub-directories created under the local state directory will have the group set to the parent directory's group.
[Also in one particular case (lockfiles), these may get created as user root, and processes that run later need write access to these files.]
comment:8 Changed 10 months ago by vorner
- Owner changed from vorner to muks
- Total Hours changed from 0 to 0.53
Ah, the second part seems like the important one. OK, please go on and merge.
comment:9 Changed 10 months ago by muks
- Status changed from reviewing to closed
- Resolution set to fixed
- Component changed from Unclassified to build system
Merged to master in commit ab4d20907abdb3ce972172463dcc73405b3dee79:
* b71313c [2171] Set g+s,g+w permissions on localstatedir * 46ad312 [2171] Remove redundant mkdir (already exists in cfgmgr)
Resolving as fixed. Thank you for the reviews Michal.
umz, what should the permissions be? they end up as 755 here, are those wrong or should they be explicit?