user nut home directory is group writable

To: pkgsrc-users%netbsd.org@localhost
Subject: user nut home directory is group writable
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Thu, 13 Feb 2025 11:57:53 +0100

I get a message from /etc/security saying
	user nut home directory is group writable
and indeeed /var/db/nut is nut:nut 0770.

That's a consequence of (in sysutils/ups-nut/Makefile)
	OWN_DIRS_PERMS=		${NUT_STATEDIR} ${NUT_USER} ${NUT_GROUP} 0770
and
	PKG_USERS=		${NUT_USER}:${NUT_GROUP}
	[...]
	PKG_HOME.${NUT_USER}=	${NUT_STATEDIR}
so should effect anyone installing sysutils/nut.

I wonder what's the point of setting PKG_HOME.${NUT_USER} and why we have
	PKG_SHELL.${NUT_USER}=	${SH}
which would allow the nut user to get a shell (given you set a password or 
deploy SSH keys).

I also wonder why (in Makefile.common) we have
	NUT_STATEDIR?=		${VARBASE}/db/nut
and not
	NUT_STATEDIR?=		${VARBASE}/run/nut

NUT_STATEDIR is on /var/db, not /var/run. What upsd puts there (as far as I 
can see) are PID files and sockets, e.g. things I'd typically expect 
in /var/run/nut.

Follow-Ups:
- Re: user nut home directory is group writable
  - From: Greg Troxel

Prev by Date: Re: removing print/advi
Next by Date: net/megacmd: update to 2.0.0
Previous by Thread: Apparent blacklisting of e-mail addresses
Next by Thread: Re: user nut home directory is group writable
Indexes:

Home | Main Index | Thread Index | Old Index