Le 15/09/15 08:43, Domen Vrankar a écrit :
2015-09-14 23:49 GMT+02:00 Raffi Enficiaud <raffi.enfici...@mines-paris.org>:
Le 14/09/15 23:34, Domen Vrankar a écrit :
Thank you. However those two test are not mutually exclusive. I think
having
them on lintian is also a good thing.
I've tried your test change before but lintian test complained that
775 are invalid permissions (should be 755). Is this caused by a
different version of lintian or should I just modify your test to use
755 permissions and apply that?
That's very good that it fails :)
I tested on Ubuntu 14.04, maybe Debian distributions are even more strict.
Apparently the files that "file(WRITE ...)" created on your system are with
775. I believe the problem lies in the "file(" commands rather than on a
different version of lintian.
OTOH, I can see from this:
https://lintian.debian.org/tags/control-file-has-bad-permissions.html
that all files should have at least a permission mask set to ~S_IWGRP &
~S_IWOTH (with "control_tar.SetPermissionsMask(~S_IWGRP & ~S_IWOTH)"), so
that the executable bit is left unchanged and the write bit is cleared for
group and others (755 and 644).
What do you think?
You are correct. I've reinstalled my virtual machine and retested with
"control_tar.SetPermissionsMask(~S_IWGRP & ~S_IWOTH)" and it would
seem that there was an issue in my testing environment - before this
did not work as expected on my machine. Same goes for default
permissions being 664/775 instead of 644/755.
I would keep md5 checksum file permissions on 644 with SetPermissions
and add SetPermissionsMask from above for the rest of control files.
Would you agree?
From this (thanks to lintian now I have the proper link :) )
https://lintian.debian.org/tags/control-file-has-bad-permissions.html
https://www.debian.org/doc/debian-policy/ch-files.html#s-permissions-owners
all control files:
- should be owned by root:root (+ I would say uid/gid 0/0, because root
may be mapped) which is the case now
- should be 755 or 644, depending if they are executable or not
The number of files that should be 755 are limited to (according to
linitian) config, postinst, postrm, preinst, and prerm. All others
should be 644.
So I would say without loss of generality, we can set the permission to
644 except for those config, postinst... files . I can send you a patch
based on 76c59007dd3944e23848b7d5912a59a7d3db6398 today (and update the
doc accordingly).
Is that good for you?
Raffi
--
Powered by www.kitware.com
Please keep messages on-topic and check the CMake FAQ at:
http://www.cmake.org/Wiki/CMake_FAQ
Kitware offers various services to support the CMake community. For more
information on each offering, please visit:
CMake Support: http://cmake.org/cmake/help/support.html
CMake Consulting: http://cmake.org/cmake/help/consulting.html
CMake Training Courses: http://cmake.org/cmake/help/training.html
Visit other Kitware open-source projects at
http://www.kitware.com/opensource/opensource.html
Follow this link to subscribe/unsubscribe:
http://public.kitware.com/mailman/listinfo/cmake-developers
