lmi-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lmi-commits] [lmi] master d9f9099 2/2: Generally force group permission

From: Greg Chicares
Subject: [lmi-commits] [lmi] master d9f9099 2/2: Generally force group permissions to match user permissions
Date: Wed, 20 Oct 2021 09:51:54 -0400 (EDT) 
branch: master
commit d9f9099b1ea701c5baa5fbeb21745b854ea3d01a
Author: Gregory W. Chicares <gchicares@sbcglobal.net>
Commit: Gregory W. Chicares <gchicares@sbcglobal.net>

    Generally force group permissions to match user permissions
    
    In a chroot that is to be shared by multiple developers using the same
    $prefix, files in that $prefix should have the same permissions for the
    developers' common group as for each user individually. Otherwise, some
    files created by one user might not be modifiable by another. Generally
    the permissions are already correct in a chroot created by lmi scripts,
    but autotools-generated files are an exception because they don't heed
    directories' GID bits.
    
    It can of course be argued that each user should use its own prefix.
---
 gwc/install_posix.sh | 13 +++++++++++--
 install_msw.sh       | 13 +++++++++++--
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/gwc/install_posix.sh b/gwc/install_posix.sh
index 21b562b..475a779 100755
--- a/gwc/install_posix.sh
+++ b/gwc/install_posix.sh
@@ -154,8 +154,17 @@ done
 
 # GID should be the same for all files.
 find /opt/lmi/ -not -group "$(id -gn "$(logname)")" -print
-# User and group write permissions should be the same.
-find /opt/lmi -perm -200 -not -perm -020 -print0 | xargs --no-run-if-empty -0 
ls -ld
+# User and group permissions should be the same throughout $(prefix).
+# For each file that doesn't conform to that rule, list its name (to
+# make any systematic pattern clearer--for example, files generated
+# by autotools seem to ignore their directories' GIDs), and fix the
+# problem:
+find . \
+  -type f \
+  \( -perm -u+r ! -perm -g+r \
+  -o -perm -u+w ! -perm -g+w \
+  -o -perm -u+x ! -perm -g+x \
+  \) -print0 | xargs --null --verbose --no-run-if-empty chmod g=u
 # Show all distinct file modes. Expect something like:
 #   00444 regular file
 #   00555 regular file
diff --git a/install_msw.sh b/install_msw.sh
index fb5428c..5c2b3b1 100755
--- a/install_msw.sh
+++ b/install_msw.sh
@@ -322,8 +322,17 @@ done
 
 # GID should be the same for all files.
 find /opt/lmi/ -not -group "$(id -gn "$(logname)")" -print
-# User and group write permissions should be the same.
-find /opt/lmi -perm -200 -not -perm -020 -print0 | xargs --no-run-if-empty -0 
ls -ld
+# User and group permissions should be the same throughout $(prefix).
+# For each file that doesn't conform to that rule, list its name (to
+# make any systematic pattern clearer--for example, files generated
+# by autotools seem to ignore their directories' GIDs), and fix the
+# problem:
+find . \
+  -type f \
+  \( -perm -u+r ! -perm -g+r \
+  -o -perm -u+w ! -perm -g+w \
+  -o -perm -u+x ! -perm -g+x \
+  \) -print0 | xargs --null --verbose --no-run-if-empty chmod g=u
 # Show all distinct file modes. Expect something like:
 #   00444 regular file
 #   00555 regular file
reply via email to
[Prev in Thread] Current Thread [Next in Thread]