Date: Sun, 8 Jul 2012 04:10:30 -0400 From: grarpamp <grarpamp@gmail.com> To: freebsd-ports@freebsd.org Subject: Re: Standard file permissions for /usr/local Message-ID: <CAD2Ti2-9J3%2BmLcssuMyWpp=buC4Xdg_JshvqfsfpoD8fmRu2LA@mail.gmail.com> In-Reply-To: <20120707231445.GA16872@DataIX.net> References: <CAD2Ti29f1M_KCR19o9gSJNxRe7=gWDiMcaV6W9qhsziFONBBQA@mail.gmail.com> <CADLo83__gV=kdVGbVfZLc3Tm=g3WMi9_bLpGJdjGfHjn6RrhyQ@mail.gmail.com> <20120707231445.GA16872@DataIX.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Given there is no context as to what these are and belong to the numbers > below with the symbolic meaning are useless besides saying the system is Oops, thought I had that noted. They are sort | uniq -c of the permission column of find -ls. > Blindly going through installed software with a massively large comb > "chmod -R anything=anything" is a bad idea Bad idea? Not really, I amended my tree as shown. As you can see, I have about 80k files, 2k dirs and 2k links. All provided by 'packages'. And out of those, I only need one divergent perm, that being Xorg, not thousands. I've no sensitive files there. I don't need man to go around making catpages. Nor sticky dirs for games. Nor Schily's stuff in the bin group. Or polkit priviledges. Or whatever else. As any admin, I know the environment and files, so I'm good with the comb and pomade. And it makes linting installs, security checks and other things simpler if say you find / -perm +0044 and don't have to wade through say, symlinks set to go+w. Or have some other install fail because files aren't writeable. I amed it to reduce my working sets, and work, with other tools easier. And to making finding what changes out from under you easier, etc. No big deal, and not a debate about anyone's equally valid local usage. Maybe I should rephrase... is there something, or a movement within ports, to push mass gobs of files towards mode 0444 or 0644? A umask being set in the build system? An install flag? Or is this just the raw result of doing everything [1] unmodified umask 0022, tarring up the tbz's, and putting them on FTP? [1] Say, patch, ./configure, make, make install, hash +CONTENTS, tarball My experience with ./configure, make, make install of original upstream software releases, is that I think the majority of things end up as I've amended, without the amending. So I just wondered if there's a push in ports somewhere. > Do you have anything relevant as to a particular port or package ? This was a stats analysis, so particulars do not apply.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti2-9J3%2BmLcssuMyWpp=buC4Xdg_JshvqfsfpoD8fmRu2LA>