pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: post-install ownership on binaries

On Oct 10,  3:06am, Steven Bellovin wrote:
} On Tue, 19 May 2009 17:53:55 +0200
} Filip Hajny <> wrote:
} > is there a way to have pkg_add automatically set desired ownership
} > on binaries right after installing from a binary package? I'm
} > hitting this problem with Postfix - I guess since the changeover of  
} > pkg_install. Both postdrop and postqueue need to be
} > postfix:maildrop, and while I see this ownership inside the binary
} > package tarball, they get re-set to root:root after installing. I
} > know the fix is 'postfix set-permissions' away, but it would be nice
} > if the correct ownership were auto-set right away.
} > 
} > Am I missing something?
} Try adding a post-install rule in the pkgsrc Makefile to run
} set-permissions, perhaps.  (I haven't tried this.)

     Don't bother, since it is very much the WRONG thing to do, and
this is very bad advice.  This idea may set the permissions on the file
in the tarball which they already are as per the OP, but it won't do
anything to a binary package install.  For that, you need SPECIAL_PERMS:

P4-3679GHz: {34} wtf SPECIAL_PERMS
SPECIAL_PERMS: ===> mk/pkginstall/ (keywords: st_mode 
# SPECIAL_PERMS are lists that look like:
#               file user group mode
#       At post-install time, file (it may be a directory) is changed to be
#       owned by user:group with mode permissions.  If a file pathname
#       is relative, then it is taken to be relative to ${PREFIX}.
# SPECIAL_PERMS should be used primarily to change permissions of files or
# directories listed in the PLIST.  This may be used to make certain files
# set-uid or to change the ownership or a directory.
# SETUID_ROOT_PERMS is a convenience definition to note an executable is
# meant to be setuid-root, and should be used as follows:
#       SPECIAL_PERMS+= /path/to/suidroot ${SETUID_ROOT_PERMS}
# SETGID_GAMES_PERMS is a convenience definition to note an executable is
# meant to be setgid-game, and should be used as follows:
#       SPECIAL_PERMS+= /path/to/sgidgame ${SETGID_GAMES_PERMS}
SPECIAL_PERMS?=         # empty

}-- End of excerpt from Steven Bellovin

Home | Main Index | Thread Index | Old Index