[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Using ``chmod'' in build phases
|
From: |
Alex Vong |
|
Subject: |
Re: Using ``chmod'' in build phases |
|
Date: |
Thu, 04 Jan 2018 21:05:23 +0800 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) |
ng0 <address@hidden> writes:
> Alex Vong transcribed 12K bytes:
>> Hello,
>>
>> Running ``LC_ALL=C grep -r chmod'' on ``guix/gnu/packages'', gives the
>> following result. As you can see, various modes are used, such as 644,
>> 755, 555, 666, 777, 664.
>
>> Do we have a guide on which mode should be
>> prefered?
>
> As far as I know we don't have such a guide. If someone would write one,
> it should go into the Contributing chapter imo.
>
Agree, we should add it to the manual after we have a consensus.
>> I personally always used 644 for non-executable files, and 755
>> for directories and executable files. Any idea?
>>
>>
>> networking.scm: (chmod "." #o755)
>> commencement.scm: (chmod program #o555))
>> Binary file admin.go matches
>> Binary file fpga.go matches
>> mail.scm: (chmod "mb2md" #o555))
>> Binary file ssh.go matches
>> Binary file package-management.go matches
>> irc.scm: (("/bin/chmod") "chmod")
>> irc.scm: ;; Furthermore bsdinstalls has a reference to /etc/chmod
>> here, which
>> irc.scm: (("/bin/chmod") "chmod")
>> patches/libbase-use-own-logging.patch: // We do an explicit fchmod
>> here because we assume that the caller really
>> patches/libbase-use-own-logging.patch: if (fchmod(fd, mode) == -1) {
>> patches/libbase-use-own-logging.patch:-
>> ALOGE("android::WriteStringToFile fchmod failed: %s",
>> strerror(errno));
>> patches/libbase-use-own-logging.patch:+ PLOG(ERROR) <<
>> "android::WriteStringToFile fchmod failed";
>> patches/findutils-localstatedir.patch: chmod +x $@
>> patches/nss-pkgconfig.patch:+ chmod 0644 nss.pc
>> patches/nss-pkgconfig.patch:+ chmod 0755 nss-config
>> patches/4store-fix-buildsystem.patch:! chmod 1777
>> $(DESTDIR)@FS_STORE_ROOT@
>> patches/cdrtools-3.01-mkisofs-isoinfo.patch:- fchmodat(AT_FDCWD,
>> fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW);
>> patches/cdrtools-3.01-mkisofs-isoinfo.patch:+ fchmodat(AT_FDCWD,
>> fname, fstat_buf.st_mode, AT_SYMLINK_NOFOLLOW);
>> patches/tcsh-fix-autotest.patch: chmod a+x args.sh
>> patches/tcsh-fix-autotest.patch:-chmod a+x script.sh subdir/script.sh
>> patches/tcsh-fix-autotest.patch:+#chmod a+x script.sh subdir/script.sh
>> patches/perl-file-path-CVE-2017-6512.patch:https://anonscm.debian.org/cgit/perl/perl.git/diff/debian/patches/fixes/file_path_chmod_race.diff?id=e7b50f8fb6413f8ddfbbfda2d531615fb029e2d3
>> patches/perl-file-path-CVE-2017-6512.patch:Subject: Prevent
>> directory chmod race attack.
>> patches/perl-file-path-CVE-2017-6512.patch:CVE-2017-6512 is a race
>> condition attack where the chmod() of directories
>> patches/perl-file-path-CVE-2017-6512.patch:the directory-permission
>> loosening logic to systems where fchmod() is
>> patches/perl-file-path-CVE-2017-6512.patch:Patch-Name:
>> fixes/file_path_chmod_race.diff
>> patches/perl-file-path-CVE-2017-6512.patch:- or chmod( $nperm, $root
>> )
>> patches/perl-file-path-CVE-2017-6512.patch:+ # This uses fchmod to
>> avoid traversing outside of the proper
>> patches/perl-file-path-CVE-2017-6512.patch:+ or eval { chmod(
>> $nperm, $root_fh ) }
>> patches/perl-file-path-CVE-2017-6512.patch:+my $fchmod_supported = 0;
>> patches/perl-file-path-CVE-2017-6512.patch:+ eval {
>> $fchmod_supported = chmod( $perm, $fh); };
>> patches/perl-file-path-CVE-2017-6512.patch:+ skip "fchmod of
>> directories not supported on this platform", 3 unless
>> $fchmod_supported;
>> patches/perl-file-path-CVE-2017-6512.patch: #
>> http://perldoc.perl.org/perlport.html#chmod
>> patches/perl-file-path-CVE-2017-6512.patch: skip "Windows chmod test
>> skipped", $skip_count
>> patches/perl-file-path-CVE-2017-6512.patch:+ skip "fchmod() on
>> directories is not supported on this platform", $skip_count
>> patches/perl-file-path-CVE-2017-6512.patch:+ unless $fchmod_supported;
>> patches/perl-file-path-CVE-2017-6512.patch:- $dir =
>> catdir($tmp_base, 'chmod_test');
>> patches/perl-file-path-CVE-2017-6512.patch:+ $dir =
>> catdir($tmp_base, sprintf("chmod_test%04o", $input));
>> patches/portmidi-modular-build.patch:- COMMAND chmod +x
>> pmdefaults/pmdefaults
>> patches/byobu-writable-status.patch:+ chmod +w
>> "$BYOBU_CONFIG_DIR/$f"
>> patches/proot-test-fhs.patch:@@ -34,7 +34,7 @@ chmod +x ${ROOTFS}/${TMP_ABS}
>> patches/rsync-CVE-2017-17434-pt2.patch: extern struct
>> chmod_mode_struct *daemon_chmod_modes;
>> Binary file tex.go matches
>> Binary file networking.go matches
>> virtualization.scm: (chmod "samba-wrapper" #o755)
>> Binary file graphviz.go matches
>> tex.scm: "batchmode; "
>> tex.scm: "batchmode; "
>> tex.scm: "batchmode; "
>> tex.scm: (and (zero? (system* "luatex" "-ini"
>> "-interaction=batchmode"
>> tex.scm: (zero? (system* "tex" "-ini" "-interaction=batchmode"
>> tex.scm: (zero? (system* "latex" "-ini" "-interaction=batchmode"
>> tex.scm: (zero? (system* format "-ini" "-interaction=batchmode"
>> tex.scm: (zero? (system* "luatex" "-ini" "-interaction=batchmode"
>> tex.scm: "batchmode; "
>> tex.scm: "batchmode; "
>> Binary file autotools.go matches
>> ssh.scm: (chmod (string-append (assoc-ref outputs "out")
>> Binary file python.go matches
>> Binary file maths.go matches
>> cups.scm: (for-each (lambda (file) (chmod file #o644))
>> cups.scm: (for-each (lambda (file) (chmod file #o644))
>> axoloti.scm: (chmod target #o555))
>> python.scm: (chmod file #o755))
>> python.scm: (chmod new #o755)
>> Binary file wget.go matches
>> Binary file bioinformatics.go matches
>> kodi.scm: (("autoreconf -vif") "chmod -R u+w ."))
>> Binary file perl.go matches
>> c.scm: (chmod port #o777)))
>> Binary file axoloti.go matches
>> Binary file ocaml.go matches
>> ocaml.scm: (chmod "src/strings.ml" #o600)
>> conkeror.scm: (chmod launcher #o555)))))))
>> Binary file java.go matches
>> Binary file emacs.go matches
>> text-editors.scm: (zero? (system* "chmod" "-R" "u+w"
>> "../test")))))))
>> nvi.scm: (chmod "configure" #o0755)))))
>> disk.scm: (chmod exe #o555)
>> Binary file backup.go matches
>> Binary file music.go matches
>> audio.scm: (chmod file #o644))
>> music.scm: (chmod (string-append out "/share/Aria/Documentation")
>> #o555)
>> music.scm: (chmod (string-append out "/share/Aria/score") #o555)
>> music.scm: (chmod (string-append bin "/tuxguitar") #o555)
>> music.scm: (for-each (cut chmod <> #o644)
>> Binary file zile.go matches
>> emacs.scm: (chmod exwm-executable #o555)
>> emacs.scm: (chmod exwm-executable #o555)
>> perl.scm: (chmod dso #o755))
>> perl.scm: (chmod "blib/arch/auto/Digest/MD5/MD5.so" #o755))))))
>> Binary file bootstrap.go matches
>> tls.scm: (chmod file #o644))
>> certs.scm: (chmod "certdata2pem.py" #o555)
>> java.scm: (chmod target #o755)
>> java.scm: (chmod (string-append bin tool) #o755))
>> java.scm: (chmod target #o755)
>> java.scm: (string-append line "; chmod -R u+w $(BOOT_DIR)")))
>> java.scm: (zero? (system* "chmod" "-R" "u+w" "openjdk"))
>> java.scm: (("/bin/chmod") (which "chmod")))
>> java.scm: ;; The cacerts files we are going to overwrite are
>> chmod'ed as
>> java.scm: (chmod (string-append (assoc-ref outputs "out")
>> java.scm: (chmod (string-append (assoc-ref outputs "jdk")
>> java.scm: (chmod (string-append bin "/antlr3") #o755))))
>> java.scm: (chmod (string-append bin "/antlr3") #o755)
>> java.scm: (chmod (string-append bin "/antlr3") #o755))))
>> java.scm: (chmod (string-append bin "/mvel2") #o755))
>> backup.scm: (chmod target-file-location #o755)
>> Binary file c.go matches
>> linux.scm: (chmod ".config" #o666))
>> linux.scm: (chmod file #o666))
>> linux.scm: (chmod "e2fsck" #o555))))))
>> linux.scm: (chmod "zerofree" #o555)
>> linux.scm: (chmod file #o755))
>> linux.scm: (chmod target #o555)))))
>> Binary file kodi.go matches
>> Binary file monitoring.go matches
>> Binary file virtualization.go matches
>> Binary file audio.go matches
>> Binary file certs.go matches
>> fpga.scm: (zero? (system* "chmod" "+w" "abc/abc")))))
>> Binary file tls.go matches
>> package-management.scm: (chmod po #o666))
>> Binary file text-editors.go matches
>> Binary file commencement.go matches
>> uml.scm: (chmod wrapper #o555))
>> Binary file disk.go matches
>> Binary file graphics.go matches
>> graphviz.scm: (chmod "test/boolean/test.sh" #o777))
>> web.scm: (chmod "woof" #o555))
>> Binary file netpbm.go matches
>> bootloaders.scm: (zero? (system* "chmod" "a+w"
>> "utils/isohybrid.in"))))
>> Binary file uml.go matches
>> bootstrap.scm: (chmod bin-dir #o755)
>> bootstrap.scm: (chmod guile #o555)
>> bootstrap.scm: (chmod bin-dir #o555))))))
>> bootstrap.scm: (chmod "bin" #o755)
>> bootstrap.scm: (chmod "bin" #o555)
>> bootstrap.scm: (chmod "lib" #o755)
>> bootstrap.scm: (chmod "." #o755)
>> bootstrap.scm: (chmod "gcc" #o555))))))
>> engineering.scm: (chmod (string-append out "/bin/" script) #o555)))
>> Binary file conkeror.go matches
>> Binary file bootstrap/x86_64-linux/mkdir matches
>> Binary file bootstrap/armhf-linux/mkdir matches
>> Binary file bootstrap/i686-linux/mkdir matches
>> Binary file bootstrap/mips64el-linux/mkdir matches
>> Binary file bootstrap/aarch64-linux/mkdir matches
>> Binary file readline.go matches
>> Binary file games.go matches
>> Binary file irc.go matches
>> readline.scm: (for-each (lambda (f) (chmod f #o755))
>> readline.scm: (for-each (lambda (f) (chmod f #o644))
>> wget.scm: (chmod file #o755))
>> games.scm: (chmod (string-append bin "/roguebox-adventures") #o555)
>> games.scm: (chmod port #o777)))))
>> games.scm: (chmod "redeclipse_linux" #o555)
>> games.scm: (chmod "redeclipse_server_linux" #o555)))
>> games.scm: (chmod higan #o555)
>> games.scm: (chmod prog #o755)
>> games.scm: (chmod wrapper #o555)
>> zile.scm: (chmod file #o755))
>> lisp.scm: (chmod wrapper #o755))
>> lisp.scm: (chmod script #o755)
>> Binary file base.go matches
>> Binary file cups.go matches
>> bioinformatics.scm: (chmod wrapper #o555)))))))
>> bioinformatics.scm: (chmod (string-append target "GESS.py") #o555)
>> bioinformatics.scm: (chmod "_pytadbit/_version.py" #o664)
>> bioinformatics.scm: (chmod "README.rst" #o664)
>> autotools.scm: (chmod (string-append bin "/autoconf") #o555)))))))
>> Binary file nvi.go matches
>> monitoring.scm: (("chmod g\\+s.*" all)
>> Binary file web.go matches
>> version-control.scm: (chmod new #o555))
>> admin.scm: (chmod "bind/bind.tar.gz" #o644)
>> Binary file linux.go matches
>> graphics.scm: (chmod "brdf" #o555))))))))
>> Binary file bootloaders.go matches
>> Binary file version-control.go matches
>> base.scm: (chmod ld #o555)
>> Binary file mail.go matches
>> netpbm.scm: (chmod "config.mk" #o664)
>> simulation.scm: ;; 'chmod' step is needed before running the
>> applications. For
>> simulation.scm: ;; $ chmod -R u+w .
>> Binary file lisp.go matches
>> maths.scm: (chmod "src/maxima" #o555)
>> maths.scm: (chmod wrapper #o555))))
>> Binary file engineering.go matches
>>
>>
>> Cheers,
>> Alex
signature.asc
Description: PGP signature