[poky] [PATCH 1/1] sudo: Modify ownership for directory "/var/lib"

Xiaofeng Yan xiaofeng.yan at windriver.com
Sat May 21 19:22:00 PDT 2011 

On 2011?05?22? 02:48, Wolfgang Denk wrote:
> Dear Xiaofeng Yan,
>
> In message<d448b57c57fec346230d40fadc08625bd8c83224.1305972143.git.xiaofeng.yan at windriver.com>  you wrote:
>> From: Xiaofeng Yan<xiaofeng.yan at windriver.com>
>>
>> [YOCTO #1092]
>> Solve access permission for directory "/var/lib".
>> Makefile from package sudo change the ownership incorrectly.
>>
>> Signed-off-by: Xiaofeng Yan<xiaofeng.yan at windriver.com>
>> ---
>>   meta/recipes-extended/sudo/sudo.inc |    1 +
>>   1 files changed, 1 insertions(+), 0 deletions(-)
>>
>> diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
>> index 6a04a9c..5ea089c 100644
>> --- a/meta/recipes-extended/sudo/sudo.inc
>> +++ b/meta/recipes-extended/sudo/sudo.inc
>> @@ -30,4 +30,5 @@ pkg_postinst_${PN} () {
>>
>>   	chmod 4111 /usr/bin/sudo
>>   	chmod 0440 /etc/sudoers
>> +	chmod 0755 /var/lib
> Sorry, but this commit message is misleading.  You don't change the
> ownership here, but the file permissions.
>
Hi Wolfgang Denk,
Thanks for your reply. I am make lsb test to pass LSB certification. LSB 
Test suite check /vat/lib, but failed with the following information.
/tset/LSB.fhs/var/lib/lib-tc 1 	failed 	


        Message from the test:

Reference 5.8-1(A)
The /var/lib directory exists and is searchable
Unexpected output written to stdout, as shown below:
stdout:lsb_test_dir: expected be able to search directory /var/lib, got an error
stdout:ls: cannot open directory /var/lib: Permission denied



emenlow$ls /var/lib -l
drwx------ 10 root root 4096 May 20 19:21 lib

For general machine, the ownership  of this directory is as follow:
ubuntu$ls /var/lib -l
drwxr-xr-x 67 root root 4096 2010-12-15 23:30 lib

In fact, many packages make a operation to directory "/var/lib". I find 
the Makefile from package "sudo" change the ownership. Please  review 
the following patch.

--- Makefile.orj    2011-05-21 16:32:35.392833427 +0800
+++ Makefile    2011-05-21 16:36:47.979380106 +0800
@@ -482,7 +482,7 @@
          $(DESTDIR)$(visudodir) $(DESTDIR)$(noexecdir) \
          $(DESTDIR)$(sudoersdir) $(DESTDIR)$(docdir) \
          $(DESTDIR)$(mandirsu) $(DESTDIR)$(mandirform)
-   $(SHELL) $(srcdir)/mkinstalldirs -m 0700 $(DESTDIR)$(timedir)
+   $(SHELL) $(srcdir)/mkinstalldirs -m 0755 $(DESTDIR)$(timedir)

   install-binaries: install-dirs $(PROGS)
      $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -M 04111 sudo
$(DESTDIR)$(sudodir)/sudo

So "0700" make this directory without access permission. Perhaps it 
could not be right method, I think you have a better method to solve 
this problem. If you have, Please share with me.
Thanks for your suggestion again.

Thanks
Yan
> Best regards,
>
> Wolfgang Denk
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/poky/attachments/20110522/afb6abcb/attachment.html>

More information about the poky mailing list