Sunday, November 01, 2020

Re: 'make fix-permissions' directory ownership (PORTS_PRIVSEP)

On Wed, Oct 28, 2020 at 08:07:34PM +0000, Ricky Cintron wrote:
> While setting up the ports tree on my system with PORTS_PRIVSEP enabled,
> and after running 'doas make fix-permissions', I noticed that out of the
> six affected directories under /usr/ports/ (bulk, distfiles, packages,
> plist, pobj, update), both bulk and update were still owned by root.
> Looking at infrastructure/mk/bsd.port.mk, I can see that BULK_COOKIES_DIR
> and UPDATE_COOKIES_DIR are given to the _pbuild user, but their parent
> directories (bulk and update) are not.
>
> Since these two are the only root-owned directories in my ports tree, I
> was wondering if giving them to the _pbuild user has been considered, or
> perhaps there's a reason for doing it this way that I've overlooked. For
> now I've set my user as the owner, but I feel setting them up like the
> other four might make more sense.
>
> I'm including a tested diff just in case I'm not completely off target
> here.
>
> Index: bsd.port.mk
> ===================================================================
> RCS file: /cvs/ports/infrastructure/mk/bsd.port.mk,v
> retrieving revision 1.1542
> diff -u -p -u -r1.1542 bsd.port.mk
> --- bsd.port.mk 26 Jun 2020 11:51:16 -0000 1.1542
> +++ bsd.port.mk 28 Oct 2020 19:58:33 -0000
> @@ -158,8 +158,10 @@ PORTSDIR ?= /usr/ports
> X11BASE ?= /usr/X11R6
> VARBASE ?= /var
> DISTDIR ?= ${PORTSDIR}/distfiles
> -BULK_COOKIES_DIR ?= ${PORTSDIR}/bulk/${MACHINE_ARCH}
> -UPDATE_COOKIES_DIR ?= ${PORTSDIR}/update/${MACHINE_ARCH}
> +BULKDIR ?= ${PORTSDIR}/bulk
> +BULK_COOKIES_DIR ?= ${BULKDIR}/${MACHINE_ARCH}
> +UPDATEDIR ?= ${PORTSDIR}/update
> +UPDATE_COOKIES_DIR ?= ${UPDATEDIR}/${MACHINE_ARCH}
>
> PLIST_REPOSITORY ?= ${PORTSDIR}/plist
> .if !empty(PLIST_REPOSITORY)
> @@ -2075,7 +2077,8 @@ fix-permissions:
> fi
> . for d in ${LOCKDIR} ${PACKAGE_REPOSITORY} \
> ${PACKAGE_REPOSITORY}/${MACHINE_ARCH} \
> - ${BULK_COOKIES_DIR} ${UPDATE_COOKIES_DIR} \
> + ${BULKDIR} ${BULK_COOKIES_DIR} \
> + ${UPDATEDIR} ${UPDATE_COOKIES_DIR} \
> ${PLIST_REPOSITORY} ${WRKOBJDIR}
> @b=`id -gn ${BUILD_USER}`; \
> echo "give $d to ${BUILD_USER}:$$b"; \
>
>
Well adding more variables for basically nothing is a bad idea, we have
a lot of these already. Especially non-descriptive stuff as you've
chosen compared to the actual variables.

Having those parent directories belong to root is not a big issue.

Definitely doesn't justify extra variables (or churn in the existing
variables, for that matter)

No comments:

Post a Comment