weird permissions on directories when installing ports through
sudo
Eric Schuele
e.schuele at computer.org
Wed Feb 25 09:25:48 PST 2009
On 02/19/2009 15:56, Aleksandr Miroslav wrote:
> For the longest time, I have installed ports via the "sudo make install" or
> "sudo portupgrade" or "sudo portinstall" method and never had a problem.
This seems to have jumped up and bitten me on the arse as well. I
believe the "problem" lies herein:
http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/sudo/distinfo?rev=1.61
It appears that sudo has been changed following a security issue. I use
a more restrictive umask than the default. I suspect you do as well.
The sudo change now implements a union of umasks, therefore never
lowering the umask of the person running sudo.
This had the effect of truly screwing up many installed ports for me (I
do the same as you `sudo portupgrade`). I'm not blaming the fix... just
whining about it.
The fix for me was to deinstall and reinstall and problem ports using
root himself.
I suspect though you could fix it other ways by fiddling with your
usmask, and/or altering the sudo config files.
>
>
> Recently, as of a few weeks ago, I started noticing that ports that were
> installed or upgraded were getting the wrong permissions. Not only were
> directories getting permissions of 700 (whereas previously they had been
> 755), but the directories /usr/local and entries in /var/db/pkg were getting
> permissions of 700.
>
> This is causing a lot of things to break, and I have to manually go in and
> make everything public for it to work again.
>
> This only happens when I build ports via sudo. If I am root and I run make
> install, everything works fine.
yeah. Me too. :)
>
> I haven't changed anything recently either in sudo, or my umask.
>
> What can I do to fix this?
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
--
Regards,
Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090225/f920aaab/signature.pgp
More information about the freebsd-questions
mailing list