Re: weekly locate error Was: September 2024 stabilization week
- Reply: Olivier Certner : "Re: weekly locate error Was: September 2024 stabilization week"
- Reply: Jamie Landeg-Jones : "Re: weekly locate error Was: September 2024 stabilization week"
- In reply to: Jamie Landeg-Jones : "Re: weekly locate error Was: September 2024 stabilization week"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 01 Oct 2024 01:55:12 UTC
On 9/30/24 19:36, Jamie Landeg-Jones wrote: > Kyle Evans <kevans@FreeBSD.org> wrote: > >> It might be that the better long-term approach is to teach updatedb.sh >> how to drop privileges and push that out of the periodic script to avoid >> surprises like this from the different execution environments. This >> /feels/ like the kind of thing we could take an opinionated stance on, >> maybe providing an escape hatch of some sort if someone really wants to >> complain that they can't document all filenames on the system. > > This is how it already works. It calls locate.updatedb as "nobody", so > only files readable by "nobody" are indexed: > > echo /usr/libexec/locate.updatedb | nice -n 5 su -fm nobody || rc=3 Yes, my proposal is that it stops doing that and we teach updatedb to handle the priv-dropping instead, so that you get the same behavior no matter how you execute it. Thanks, Kyle Evans