[Piuparts-devel] Bug#898615: piuparts: please check owner+permission of /usr/local subdirectories

Jakub Wilk jwilk at jwilk.net
Mon May 14 09:56:54 BST 2018

Package: piuparts
Severity: wishlist

Policy ยง9.1.2 reads:
>If /etc/staff-group-for-usr-local does not exist, /usr/local and all 
>subdirectories created by packages should have permissions 0755 and be 
>owned by root:root.
>If /etc/staff-group-for-usr-local exists, /usr/local and subdirectories 
>should have permissions 2775 (group-writable and set-group-id) and be 
>owned by root:staff.

It would be nice if piuparts could check if the tested packages create 
/usr/local subdirectories with the right ownership and permissions.

For example, fontconfig-config_2.13.0-4 does it incorrectly: it creates 
/usr/local/share/fonts as 2755 root:staff, regardless of whether 
/etc/staff-group-for-usr-local exists or not.

Note that this staff-group-for-usr-local thing was implemented in 
debhelper in 11.2 released on 2018-04-07, so it might make sense to skip 
packages that were built before that date, at least for the time being.

Jakub Wilk

More information about the Piuparts-devel mailing list