common/hooks/post-install: add fix permissions hook #30139
+19
−0
Conversation
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Some packages install files with wrong permissions, but sometimes we can detect and fix them.
/usr/share/man: 644
this rule matches a lot of files, mainly because it matches 444 permissions too
/etc/apparmor.d: 600
I chose 600 because that's what aa-genprof creates.
The package lists are not complete.
Are there any other common directories which should be included in this hook? Is forcing 644 in /usr/share/man too strict? Should affected packages be revbumped?