Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 447776 - sys-apps/apply-default-acl - Apply default POSIX ACLs to files and directories
Summary: sys-apps/apply-default-acl - Apply default POSIX ACLs to files and directories
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Normal enhancement (vote)
Assignee: Mikle Kolyada (RETIRED)
URL: http://michael.orlitzky.com/code/reap...
Whiteboard:
Keywords: EBUILD
Depends on:
Blocks:
 
Reported: 2012-12-18 22:25 UTC by Michael Orlitzky
Modified: 2013-01-13 01:14 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Draft ebuild for sys-apps/reapply_default_acl-0.0.2 (reapply_default_acl-0.0.2.ebuild,440 bytes, text/plain)
2012-12-18 22:25 UTC, Michael Orlitzky 		Details
Ebuild for sys-apps/apply-default-acl-0.0.3 (apply-default-acl-0.0.3.ebuild,423 bytes, text/plain)
2012-12-25 20:59 UTC, Michael Orlitzky 		Details
apply-default-acl-0.0.3.ebuld (apply-default-acl-0.0.3.ebuild,524 bytes, text/plain)
2013-01-09 13:00 UTC, Mikle Kolyada (RETIRED) 		Details
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Orlitzky gentoo-dev 2012-12-18 22:25:20 UTC 
Created attachment 332692 [details]
Draft ebuild for sys-apps/reapply_default_acl-0.0.2

I personally think this belongs in `setfacl`, but upstream has been unresponsive. In any case: sometimes you need to reapply the default ACL to a (set of) files or directories.

For example, wordpress plugins come zipped. When I unzip them, neither unzip not 7z (which I actually use) respects the ACLs in the parent directory[1]. So the permissions are wrong and the website breaks.

Our developers shouldn't have to worry about who gets permissions to what -- that's my job and it should be automatic. This is their "just fix it" button.





[1] Tar and cp also have this problem, but I've patched them.
Comment 1 Michael Orlitzky gentoo-dev 2012-12-25 20:59:24 UTC 
Created attachment 333340 [details]
Ebuild for sys-apps/apply-default-acl-0.0.3

By populat demand, I've dropped the name "reapply" in favor of "apply", and switched from underscores to hyphens.
Comment 2 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2013-01-09 13:00:53 UTC 
Created attachment 334942 [details]
apply-default-acl-0.0.3.ebuld
Comment 3 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2013-01-09 13:02:03 UTC 
@proxy-maintainers, i will take care of it.
Comment 4 Michael Orlitzky gentoo-dev 2013-01-09 14:53:45 UTC 
(In reply to comment #2)
> Created attachment 334942 [details]
> apply-default-acl-0.0.3.ebuld

I left the tests out of my ebuild because they rely on the existence of a few system users. I've settled on 'mail' and 'news' -- are these guaranteed to exist on all Gentoo systems?

If not, I'm happy to change the test suite.
Comment 5 Sergey Popov gentoo-dev 2013-01-09 14:57:16 UTC 
(In reply to comment #4)
> (In reply to comment #2)
> > Created attachment 334942 [details]
> > apply-default-acl-0.0.3.ebuld
> 
> I left the tests out of my ebuild because they rely on the existence of a
> few system users. I've settled on 'mail' and 'news' -- are these guaranteed
> to exist on all Gentoo systems?
> 
> If not, I'm happy to change the test suite.

I suppose that 'bin' and 'daemon' would exist in everybody's configuration. I will look into tests more carefully later...
Comment 6 Sergey Popov gentoo-dev 2013-01-13 01:07:38 UTC 
+  13 Jan 2013; Sergey Popov <pinkbyte@gentoo.org>
+  +apply-default-acl-0.0.3.ebuild, +metadata.xml:
+  Initial commit, ebuild by Michael Orlitzky and Mikle Kolyada. The latter will
+  maintain this package through proxy maintainers
Comment 7 Michael Orlitzky gentoo-dev 2013-01-13 01:14:59 UTC 
Thank you both. I will release a new version in a week or so using the bin/daemon users for the tests. There's one other feature I'd like to sneak in first though.

I will also make the tests fail with a decent error message if for some reason those users don't exist.