Date: Thu, 6 Sep 2001 20:23:34 +0100
From: void
To: Andrey Simonenko
Cc: freebsd-hackers@freebsd.org
Subject: Re: Permissions on /root directory and /etc/mtree/BSD.root.dist
Message-ID: <20010906202334.A6682@firedrake.org>

On Thu, Sep 06, 2001 at 10:30:08AM +0400, Andrey Simonenko wrote:
>
> 0700 mode restricts other users from reading /root directory.
> When root wants to upgrade system he/she runs "make buildworld",
> "make installworld". But installworld calls mtree, which changes
> /root permissions to default value specified in the /etc/mtree/BSD.root.dist
> file. So, if administrator will not forget about needed permissions
> on /root, then installworld will open /root directory for reading
> for everybody.
>
> I propose not to change permissions on /root directory in
> the /etc/mtree/BSD.root.dist file and leave them unchanged.
>
> Comments?

There is a whole class of problems like this. For example, my
installation of mutt doesn't work right if /var/mail is not mode 1777,
but BSD.var.dist changes it to 755 every time I installworld.

I think a more general solution might be in order.
Perhaps some sort of local.dist that is processed after BSD.*.dist.

As a workaround, I put "chmod 1777 /var/mail" in my rc.local script.
I suggest you do something similar.

-- 
Ben

"An art scene of delight
 I created this to be ..." -- Sun Ra
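
The rc.local workaround from the message above, generalised to a list of directories, as an added example that is not part of the original message or of FreeBSD: a shell function that detects and restores site-local directory modes (such as 0700 on /root or 1777 on /var/mail) after installworld has reset them. The overrides file format and the names `has_mode`, `reassert_modes` and `local.modes` are assumptions of this example.

```sh
#!/bin/sh
# Overrides file (format is an assumption of this example, not a FreeBSD
# feature): one "<octal-mode> <directory>" pair per line, '#' for comments.

# True when directory $1 has exactly the permission bits $2 (octal,
# sticky/setuid/setgid included). find -perm is portable across BSD and GNU.
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" -print 2>/dev/null)" ]
}

# reassert_modes FILE [fix]
# Reports each directory whose mode drifted from FILE; with "fix" it also
# restores the mode. Return status is the number of entries still wrong.
reassert_modes() {
    bad=0
    while read -r mode path; do
        case "$mode" in ''|'#'*) continue ;; esac
        case "$mode" in
            *[!0-7]*) echo "skip: bad mode '$mode'" >&2
                      bad=$((bad + 1)); continue ;;
        esac
        # Never chmod through a symlink or onto a non-directory.
        if [ ! -d "$path" ] || [ -L "$path" ]; then
            echo "skip: $path is not a plain directory" >&2
            bad=$((bad + 1)); continue
        fi
        has_mode "$path" "$mode" && continue
        echo "drift: $path is not mode $mode"
        if [ "${2:-}" = fix ] && chmod "$mode" "$path" \
            && has_mode "$path" "$mode"; then
            echo "fixed: $path -> $mode"
        else
            bad=$((bad + 1))
        fi
    done < "$1"
    return "$bad"
}

# Typical call after installworld or from rc.local (file path hypothetical):
#   reassert_modes /usr/local/etc/local.modes fix
```

Run without `fix`, the function only reports drift, so it can also serve as a post-upgrade check.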