On (25/11/14 15:52), Pavel Reichl wrote:
On 11/25/2014 03:48 PM, Pavel Reichl wrote:
On 11/25/2014 03:38 PM, Lukas Slebodnik wrote:
On (25/11/14 14:26), Pavel Reichl wrote:
On 11/19/2014 10:45 AM, Jakub Hrozek wrote:
Thanks.
>From 649aae0d47299229f2afe51fa27e6c315d967ae1 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Thu, 30 Oct 2014 10:13:54 +0000
Subject: [PATCH] BUILD: restrict perms. when installing from source
Resolves:
https://fedorahosted.org/sssd/ticket/2467
---
Makefile.am | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Makefile.am b/Makefile.am
index 56a562c761d39ff5f54bc034ede563c40bf21ef8..21f02388efe360ecea9cdd157f91ffe172b08f91
100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2831,6 +2831,9 @@ if SSSD_USER
-chown $(SSSD_USER):$(SSSD_USER) \
$(SSSD_USER_DIRS)
endif
+ $(INSTALL) -d -m 0700 $(DESTDIR)$(dbpath) $(DESTDIR)$(logpath)
$(DESTDIR)$(pipepath)/private
+ $(INSTALL) -d -m 0755 $(DESTDIR)$(mcpath) $(DESTDIR)$(pipepath)
$(DESTDIR)$(pubconfpath) $(DESTDIR)$(pubconfpath)/krb5.include.d
$(DESTDIR)$(gpocachepath)
I would like to apologize for nitpicking but previous two lines are
longer
than 80 characters.
LS
No need to apologize, I just hope you like the formatting of continuous
lines.
Sorry, I used tab instead of spaces on one of the continuous lines, updated
patch attached.
>From 4364ca79d714105082057806f320b73ef1fc1a67 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Thu, 30 Oct 2014 10:13:54 +0000
Subject: [PATCH] BUILD: restrict perms. when installing from source
Resolves:
https://fedorahosted.org/sssd/ticket/2467
---
Makefile.am | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/Makefile.am b/Makefile.am
index 56a562c761d39ff5f54bc034ede563c40bf21ef8..84f22fd0ce7bb59dd90609ced3c26a3b91c3c74d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2831,6 +2831,12 @@ if SSSD_USER
-chown $(SSSD_USER):$(SSSD_USER) \
$(SSSD_USER_DIRS)
endif
+ $(INSTALL) -d -m 0700 $(DESTDIR)$(dbpath) $(DESTDIR)$(logpath) \
+ $(DESTDIR)$(pipepath)/private
+ $(INSTALL) -d -m 0755 $(DESTDIR)$(mcpath) $(DESTDIR)$(pipepath) \
+ $(DESTDIR)$(pubconfpath) \
+ $(DESTDIR)$(pubconfpath)/krb5.include.d $(DESTDIR)$(gpocachepath)
+ $(INSTALL) -d -m 0711 $(DESTDIR)$(sssdconfdir)
Two directories has different permissions with and without patch.
Before:
[root@e6078a90f933 /]# ls -ld /var/log/sssd/
drwxr-x---. 2 root root 4096 Sep 25 08:54 /var/log/sssd/