[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lmi-commits] [lmi] master 2cae628 4/5: Set GID for lmi directories
|
From: |
Greg Chicares |
|
Subject: |
[lmi-commits] [lmi] master 2cae628 4/5: Set GID for lmi directories |
|
Date: |
Sat, 9 May 2020 15:23:13 -0400 (EDT) |
branch: master
commit 2cae6288f290aacfeaddd2eeac3f5c3e76b9bc66
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>
Set GID for lmi directories
As tempting as it may seem to replace two commands like
mkdir --parents /etc/opt/lmi
chmod g=u+s /etc/opt/lmi
with one
mkdir --parents --mode=[whatever] /etc/opt/lmi
that's not really a good idea. Consider:
$umask 027
$rm -rf ./abc/def; mkdir -p --mode=g+s abc/def; ls -ld abc abc/def
drwx------ 3 greg greg 4096 May 9 16:00 abc
drwxrwsrwx 2 greg greg 4096 May 9 16:00 abc/def
$rm -rf ./abc/def; mkdir -p --mode=+02000 abc/def; ls -ld abc abc/def
drwx------ 3 greg greg 4096 May 9 16:00 abc
drwxrwsrwx 2 greg greg 4096 May 9 16:00 abc/def
$rm -rf ./abc/def; mkdir -p --mode=g=u+s abc/def; ls -ld abc abc/def
drwx------ 3 greg greg 4096 May 9 16:08 abc
drwxrwsrwx 2 greg greg 4096 May 9 16:08 abc/def
$rm -rf ./abc/def; mkdir -p abc/def; chmod g=u+s abc/def; \
ls -ld abc abc/def
drwx------ 3 greg greg 4096 May 9 16:00 abc
drwxrws--- 2 greg greg 4096 May 9 16:00 abc/def
As
www.gnu.org/software/coreutils/manual/html_node/mkdir-invocation.html
explains, '--mode'
| uses the same syntax as in chmod and uses ‘a=rwx’ (read, write and
| execute allowed for everyone) for the point of the departure.
Thus, the "point of departure" is 0777 rather than what umask allows.
---
lmi_setup_21.sh | 12 ++++++++----
lmi_setup_43.sh | 4 ++++
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/lmi_setup_21.sh b/lmi_setup_21.sh
index a893e49..def07b3 100755
--- a/lmi_setup_21.sh
+++ b/lmi_setup_21.sh
@@ -53,13 +53,17 @@ usermod -aG sudo "${NORMAL_USER}" || echo "Oops."
getent group 1001 || groupadd --gid=1001 lmi || echo "Oops."
usermod -aG lmi "${NORMAL_USER}" || echo "Oops."
-mkdir -p /opt/lmi
+mkdir --parents /opt/lmi
+chmod g=u+s /opt/lmi
chown "${NORMAL_USER}":"${NORMAL_GROUP}" /opt/lmi
-mkdir -p /etc/opt/lmi
+mkdir --parents /etc/opt/lmi
+chmod g=u+s /etc/opt/lmi
chown "${NORMAL_USER}":"${NORMAL_GROUP}" /etc/opt/lmi
-mkdir -p /var/opt/lmi
+mkdir --parents /var/opt/lmi
+chmod g=u+s /var/opt/lmi
chown "${NORMAL_USER}":"${NORMAL_GROUP}" /var/opt/lmi
-mkdir -p /srv/cache_for_lmi
+mkdir --parents /srv/cache_for_lmi
+chmod g=u+s /srv/cache_for_lmi
chown "${NORMAL_USER}":"${NORMAL_GROUP}" /srv/cache_for_lmi
chsh -s /bin/zsh "${NORMAL_USER}"
diff --git a/lmi_setup_43.sh b/lmi_setup_43.sh
index db4c9a8..1bc6a6e 100755
--- a/lmi_setup_43.sh
+++ b/lmi_setup_43.sh
@@ -54,13 +54,16 @@ ln --symbolic --force --no-dereference ../hooks .git
# Create a "stash" directory as a manual alternative to 'git-stash':
mkdir --parents /opt/lmi/stash
+chmod g=u+s /opt/lmi/stash
# Create and populate the proprietary source directory used by 'vpath':
mkdir --parents /opt/lmi/src/products/src
+chmod g=u+s /opt/lmi/src/products/src
cp -a /opt/lmi/proprietary/src /opt/lmi/src/products
# ...and the directories for system testing:
cp -a /opt/lmi/proprietary/test /opt/lmi
mkdir --parents /opt/lmi/touchstone
+chmod g=u+s /opt/lmi/touchstone
cp -a /opt/lmi/proprietary/test/* /opt/lmi/touchstone/
# Remove object files previously built without proprietary source:
@@ -89,6 +92,7 @@ make "$coefficiency" system_test
# Create a local mirror of the gnu.org repository:
cd /opt/lmi || { printf 'failed: cd\n'; exit 3; }
mkdir --parents free/src
+chmod g=u+s free/src
cd free/src || { printf 'failed: cd\n'; exit 3; }
# Use git's own protocol wherever possible. In case that's blocked