Package: debian-policy
Version: 4.1.4
Severity: normal
Last paragraph of 9.1.2 reads:
"""
If /etc/staff-group-for-usr-local does not exist, /usr/local and all
subdirectories created by packages should have permissions 0755 and be
owned by root:root. If /etc/staff-group-for-usr-local exists,
/usr/local and subdirectories should have permissions 2775
(group-writable and set-group-id) and be owned by root:staff.
"""
In the middle of 9.1.2, there is the following example of how to do
directory creation in /usr/local:
"""
if [ ! -e /usr/local/share/emacs ]; then
if mkdir /usr/local/share/emacs 2>/dev/null; then
if chown root:staff /usr/local/share/emacs; then
chmod 2775 /usr/local/share/emacs || true
fi
fi
fi
"""
The example is way too simple to comply with policy. A more compliant
example would be:
"""
if [ ! -e /usr/local/share/emacs ]; then
if mkdir /usr/local/share/emacs 2>/dev/null; then
if test -e /etc/staff-group-for-usr-local ; then
if chown root:staff /usr/local/share/emacs; then
chmod 2775 /usr/local/share/emacs || true
fi
elif chown root:staff /usr/local/share/emacs; then
chmod 2775 /usr/local/share/emacs || true
fi
fi
fi
"""
Thanks,
~Niels
