From 25a8bd7b6b405c2cb89a67aeb3129892d4a70f28 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89rico=20Rolim?= <erico.erc@gmail.com>
Date: Fri, 15 Jan 2021 19:44:36 -0300
Subject: [PATCH] opendoas: set permissions during do_install.

- setting permissions in a INSTALL script makes the program unusable
between it being unpacked and the INSTALL script actually being run; for
users with other long running post-install steps, e.g. DKMS modules,
this can be a long time where an administrative tool can't be used.

- furthermore, any interruption of the post-install steps or a power
failure will have a much higher probability of leaving the user with a
non suid executable than if it had been set at install time.

- making the binary permissions 4111 isn't necessary; the binary can be
retrieved in multiple manners, so this doesn't offer any protection (and
the binary would be "unprotected" anyway while INSTALL hasn't run yet).
opendoas's makefile can chmod the executable, so we just stop removing the
chmod line from its makefile.

- also xlintify.
---
 srcpkgs/opendoas/INSTALL  | 8 --------
 srcpkgs/opendoas/template | 8 +++-----
 2 files changed, 3 insertions(+), 13 deletions(-)
 delete mode 100644 srcpkgs/opendoas/INSTALL

diff --git a/srcpkgs/opendoas/INSTALL b/srcpkgs/opendoas/INSTALL
deleted file mode 100644
index 352dcde82cd..00000000000
--- a/srcpkgs/opendoas/INSTALL
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This script sets up correct perms for usr/bin/doas.
-#
-case "${ACTION}" in
-post)
-	chmod 4111 usr/bin/doas
-	;;
-esac
diff --git a/srcpkgs/opendoas/template b/srcpkgs/opendoas/template
index f2084305d1e..fb68b70ddeb 100644
--- a/srcpkgs/opendoas/template
+++ b/srcpkgs/opendoas/template
@@ -1,7 +1,7 @@
 # Template file for 'opendoas'
 pkgname=opendoas
 version=6.8
-revision=1
+revision=2
 wrksrc="OpenDoas-$version"
 build_style=configure
 configure_args="--prefix=/usr $(vopt_with 'pam') $(vopt_with 'timestamp')"
@@ -10,7 +10,7 @@ hostmakedepends="bison"
 makedepends="$(vopt_if 'pam' 'pam-devel')"
 short_desc="Portable OpenBSD doas to execute commands as another user"
 maintainer="Duncaen <duncaen@voidlinux.org>"
-license="ISC, BSD-3-clause"
+license="ISC, BSD-3-Clause"
 homepage="https://github.com/Duncaen/OpenDoas"
 distfiles="https://github.com/Duncaen/OpenDoas/archive/v${version}.tar.gz"
 checksum=c53edc59a576cfe8ec8737230e7d0398842a5a8c925e25065463ab632a7eaba9
@@ -19,12 +19,10 @@ build_options="pam timestamp"
 build_options_default="pam timestamp"
 desc_option_timestamp="enable persistent auth using timestamps"
 
-
 pre_configure() {
 	cp ${FILESDIR}/doas.pam pam.d__doas__linux
 	vsed -i GNUmakefile \
-		-e '/chown ${BINOWN}:${BINGRP}/d' \
-		-e '/chmod ${BINMODE}/d'
+		-e '/chown ${BINOWN}:${BINGRP}/d'
 }
 
 post_install() {