Bug#573701: base-files: /usr/src permissions causes make-kpkg failure "control directory has bad permissions 2755" (fwd)

Sat, 13 Mar 2010 02:12:34 -0800 

Hello Manoj.

I'd like to hear your opinion on this as kernel-package maintainer.

On one hand, /usr/src has been sgid-src for ages, so make-kpkg should
probably deal with that gracefully.

On the other hand, I don't really see the point in having /usr/src sgid-src
by default.

While we are at it, I wonder how is this different from /usr/local and
the group staff. The only difference I see is that /usr/local is in
policy while /usr/src is not.

Thanks.

---------- Forwarded message ----------
From: "Andreas [UTF-8] Krüger" <andreas.krue...@famsik.de>
To: sub...@bugs.debian.org
Date: Sat, 13 Mar 2010 10:18:00 +0100
Subject: Bug#573701: base-files: /usr/src permissions causes make-kpkg failure
    "control directory has bad permissions 2755"

Package: base-files
Version: 5.1
Severity: normal

To help investigate bug 571457, I wanted to compile an openvz upstream
kernel obtained by

    cd /usr/src
    git clone git://git.openvz.org/pub/linux-2.6.26-openvz openvz-git-kernel

For the actual kernel compile, I configured and then tried the Debian way:

    cd /usr/src/openvz-git-kernel
    make-kpkg --initrd kernel_image

Expected result: A linux-image .deb package gets built.

Result seen: The build fails, with an error message

    dpkg-deb: control directory has bad permissions 2755 (must be >=0755
and <=0775)

My analysis: base-files sets up /usr/src with the g+s permission bit,
that bit infects my entire source directory tree, make-kpkg doesn't like
that.

My take on this: Various Debian packages should fit together, but
base-files and make-kpkg don't, in this respect.

My own suggestion towards how to achieve cooperation: Drop the g+s bit
from /usr/src.

My workaround does exactly that:

    chroot -R g-s .

Final "pea-counting" remarks on the precise package version:

The build actually failed on a Lenny system with base-files version 5lenny5.

I verified that it is the base-files package that sets up the g+s
permission, via

   rm -rf /usr/src
   aptitude reinstall base-files
   ls -l /usr

But I did this verification on a different system (in fact, an openvz
guest of the Lenny system host) which has "testing" installed.

I didn't bother to retry the entire kernel compilation on that "testing"
system.  (I would be willing to do that if people think it's worth the
effort.)

Regards, and thank you for providing fine software,

Andreas

[...]



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to