Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 7 Sep 2001 17:40:20 +0300
From:      Peter Pentchev <roam@ringlet.net>
To:        void <float@firedrake.org>
Cc:        Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>, freebsd-hackers@freebsd.org
Subject:   Re: Permissions on /root directory and /etc/mtree/BSD.root.dist
Message-ID:  <20010907174020.D638@ringworld.oblivion.bg>
In-Reply-To: <20010906202334.A6682@firedrake.org>; from float@firedrake.org on Thu, Sep 06, 2001 at 08:23:34PM %2B0100
References:  <004f01c1369d$5fc07ba0$6d36120a@comsys.ntukpi.kiev.ua> <20010906202334.A6682@firedrake.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 06, 2001 at 08:23:34PM +0100, void wrote:
> On Thu, Sep 06, 2001 at 10:30:08AM +0400, Andrey Simonenko wrote:
> > 
> > 0700 mode restricts other users from reading /root directory.
> > When root wants to upgrade system he/she run "make buildworld",
> > "make installworld". But installworld calls mtree, which changes
> > /root permissions to default value specified in the /etc/mtree/BSD.root.dist
> > file. So, if administrator will not forgot about needed permissions
> > on /root, then installworld will open /root directory for reading
> > for everybody.
> > 
> > I propose not to change permissions on /root directory in
> > the /etc/mtree/BSD.root.dist file and leave them unchanged.
> > 
> > Comments?
> 
> There is a whole class of problems like this.  For example, my
> installation of mutt doesn't work right if /var/mail is not mode 1777,
> but BSD.var.dist changes it to 755 every time I installworld.
> 
> I think a more general solution might be in order.  Perhaps some sort
> of local.dist that is processed after BSD.*.dist.
> 
> As a workaround, I put "chmod 1777 /var/mail" in my rc.local script.
> I suggest you do something similar.

And then, of course, there is the obvious solution: maintaining some
local patches, applied to the source tree after each update.
(and reversed before each update..)

This is the way I'm doing it, but then, I have a *lot* of local changes,
and such an approach might not make sense for a single change like that..

G'luck,
Peter

-- 
I am the thought you are now thinking.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010907174020.D638>