Date: Wed, 25 Feb 2009 10:55:10 -0600 From: Eric Schuele <e.schuele@computer.org> To: Aleksandr Miroslav <alexmiroslav@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: weird permissions on directories when installing ports through sudo Message-ID: <49A577EE.3030604@computer.org> In-Reply-To: <9fa4f0760902191356s7297d7b0ycac7ff0a885efd1f@mail.gmail.com> References: <9fa4f0760902191356s7297d7b0ycac7ff0a885efd1f@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigB7CE3390A5F20B6777201435 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 02/19/2009 15:56, Aleksandr Miroslav wrote: > For the longest time, I have installed ports via the "sudo make install= " or > "sudo portupgrade" or "sudo portinstall" method and never had a problem= =2E This seems to have jumped up and bitten me on the arse as well. I believe the "problem" lies herein: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/sudo/distinfo?rev=3D= 1.61 It appears that sudo has been changed following a security issue. I use a more restrictive umask than the default. I suspect you do as well. The sudo change now implements a union of umasks, therefore never lowering the umask of the person running sudo. This had the effect of truly screwing up many installed ports for me (I do the same as you `sudo portupgrade`). I'm not blaming the fix... just whining about it. The fix for me was to deinstall and reinstall and problem ports using root himself. I suspect though you could fix it other ways by fiddling with your usmask, and/or altering the sudo config files. >=20 >=20 > Recently, as of a few weeks ago, I started noticing that ports that wer= e > installed or upgraded were getting the wrong permissions. Not only were= > directories getting permissions of 700 (whereas previously they had bee= n > 755), but the directories /usr/local and entries in /var/db/pkg were ge= tting > permissions of 700. >=20 > This is causing a lot of things to break, and I have to manually go in = and > make everything public for it to work again. >=20 > This only happens when I build ports via sudo. If I am root and I run m= ake > install, everything works fine. yeah. Me too. :) >=20 > I haven't changed anything recently either in sudo, or my umask. >=20 > What can I do to fix this? > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd= =2Eorg" >=20 >=20 --=20 Regards, Eric --------------enigB7CE3390A5F20B6777201435 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (FreeBSD) iEYEARECAAYFAkmld+4ACgkQngSDRM3IXUoj4wCg6iysUNI3rLlmeX6PtUn/jAMx CGEAn00028wrhQgWYiuLrR7MTVeJj2pH =LhaQ -----END PGP SIGNATURE----- --------------enigB7CE3390A5F20B6777201435--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49A577EE.3030604>