Hi Josh, On Sun, Mar 15, 2020 at 1:18 PM Josh Triplett <j...@joshtriplett.org> wrote: > > Policy version 4.1.4, in April 2018, states that /usr/local and subdirectories > should only have group "staff" if /etc/staff-group-for-usr-local exists, > and otherwise they should have group "root". Many packages still > unconditionally chown directories to root:staff, or chmod directories to > 2755.
What is an acceptable way to identify such scripts? Would it be a successful 'grep root[:.]staff', followed by an unsuccessful 'grep staff-group-for-usr-local'? Kind regards, Felix Lechner
