Bug#690773: perl: Module::Build creates non group-writable site directories
gregor herrmann
gregoa at debian.org
Sun May 31 16:54:24 BST 2020
On Sun, 31 May 2020 11:50:49 +0300, Niko Tyni wrote:
> On Wed, Oct 17, 2012 at 04:04:02PM +0300, Niko Tyni wrote:
> > Package: perl
> > Version: 5.14.2-14
> >
> > Quoting the Debian policy, section 9.1.2:
> > http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.1.2
> >
> > The `/usr/local' directory itself and all the subdirectories
> > created by the package should (by default) have permissions 2775
> > (group-writable and set-group-id) and be owned by `root:staff'.
> >
> > We have patched ExtUtils::MakeMaker for ages to set umask appropriately
> > for site install directories. See
> > http://patch-tracker.debian.org/patch/series/view/perl/5.14.2-14/debian/writable_site_dirs.diff
> > http://patch-tracker.debian.org/patch/series/view/perl/5.10.1-17squeeze3/debian/extutils_hacks.diff
These are now the following patches in src:perl:
debian/patches/debian/writable_site_dirs.diff
debian/patches/fixes/respect_umask.diff
which basically set 'umask 02'
> > It looks like Module::Build needs similar patching:
> >
> > % sudo rm -rf /usr/local/share/perl /usr/local/lib/perl
> > % cpan -i File::BOM
> > [...]
> > sudo ./Build install -- OK
> > % ls -dl /usr/local/lib/perl /usr/local/share/perl
> > drwxr-sr-x 3 root staff 4096 Oct 17 15:58 /usr/local/lib/perl
> > drwxr-sr-x 3 root staff 4096 Oct 17 15:58 /usr/local/share/perl
>
> This still seems to be the case.
Ack.
The following patch:
#v+
% diff -u /usr/share/perl5/Module/Build/Base.pm~ /usr/share/perl5/Module/Build/Base.pm
--- /usr/share/perl5/Module/Build/Base.pm~ 2020-01-30 16:23:22.000000000 +0100
+++ /usr/share/perl5/Module/Build/Base.pm 2020-05-31 17:47:33.792186505 +0200
@@ -3562,6 +3562,7 @@
my ($self) = @_;
require ExtUtils::Install;
$self->depends_on('build');
+ umask oct(02);
# RT#63003 suggest that odd circumstances that we might wind up
# in a different directory than we started, so wrap with _do_in_dir to
# ensure we get back to where we started; hope this fixes it!
#v-
leads to:
% ls -dl /usr/local/lib/x86_64-linux-gnu/perl /usr/local/share/perl /usr/local/man
drwxrwsr-x 3 root staff 4096 May 31 17:47 /usr/local/lib/x86_64-linux-gnu/perl
drwxrwsr-x 3 root staff 4096 May 31 17:47 /usr/local/man
drwxrwsr-x 3 root staff 4096 May 31 17:47 /usr/local/share/perl
which looks better :)
(Except that this change probably applies to _all_ created
directories and not only the ones in /usr/local, etc.)
Cheers,
gregor
--
.''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org
: :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06
`. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
`- NP: The Doors: Spanish Caravan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20200531/3b67dc49/attachment.sig>
More information about the pkg-perl-maintainers
mailing list