Didier Verna <[EMAIL PROTECTED]> wrote: > Frank Küster <[EMAIL PROTECTED]> wrote: > >> Or/and a debconf question of higher priority? > > Sure ! That's the way to go !
Hm, I've looked into this a little further. According to my analysis, - a noninteractive install of tex-common will give world-writable /var/cache/fonts - a noninteractive upgrade of tex-common from etch to sid will give world-writable /var/cache/fonts - only if you answer "Yes" to the "Manage font cache with debconf" question, you get a non-world-writable /var/cache/fonts So I assume that you already did see the debconf question, but still answered "yes" and were not aware of the consequences, right? Would the following patch have been enough for you? (The first line in the description field is displayed as heading for the question, depending on the frontend used). Template: tex-common/managecache Type: boolean _Description: Manage the permissions of the TeX font cache with debconf? A TeX system may have to generate new font data (pixel data, metric, sources) on the fly. These files can be saved into the TeX font cache in /var/cache/fonts and later reused. . If you accept, you can specify a group name and *all* directories under /var/cache/fonts will get ownership root:<groupname> and permission bits 3775 (i.e. writable for the group <groupname>, sticky and setgid . bit set). Accordingly, the ls-R index file will be owned and writable by that group. . + If you accept, font generation will only work for uses that have been + added to the group you chose - this has to be done manually by you! + . The default is not to manage permissions with debconf, but this is just because this is required for building other Debian packages. In almost every other setup, like desktop machines or multi-user servers, accepting - this is strongly recommended! + this (and adding users to the group) is strongly recommended! Template: tex-common/groupname Type: string Default: users _Description: Group that should own the TeX font cache You can choose a specific group which will own all directories under and including the TeX font cache /var/cache/fonts. These directories will - get permission 3775. We suggest to select the group 'users' here. + get permission 3775. + . + Note that on a Debian system, nobody is member of the "users" group by + default, they have to be added manually! Regards, Frank -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX)
