Bug 576968

Summary:	sys-apps/gentoo-systemd-integration: make /run/lock perms consistent with non-systemd installs
Product:	Gentoo Linux	Reporter:	Soren Harward <stharward>
Component:	[OLD] Core system	Assignee:	Gentoo systemd Team <systemd>
Status:	RESOLVED FIXED
Severity:	normal	CC:	arthur
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Soren Harward 2016-03-10 15:53:19 UTC

/usr/lib/tmpfiles.d/gentoo-run.conf currently contains:

d /run/lock 0755 root root -

Non-systemd Gentoo installs set the directory to root:uucp 0770 (cf. https://bugs.gentoo.org/show_bug.cgi?id=17738).  The current settings are too strict because they prevent users in the uucp group, who have access to the serial ports, from creating lock files for those ports, which causes most serial terminal programs to fail or complain.

Please change /usr/lib/tmpfiles.d/gentoo-run.conf to

d /run/lock 0770 root uucp -

Comment 1 Mike Gilbert gentoo-dev

2016-03-10 16:00:26 UTC

What creates that directory on an openrc system? Just want to verify it against a reference implementation.

Comment 2 Soren Harward 2016-03-10 16:37:13 UTC

# grep -IHn '\block\b' `qlist sys-apps/openrc`
/lib64/rc/sh/init.sh:71:checkpath -d -m 0775 -o root:uucp /run/lock

So I guess the tmpfiles.d entry should actually be

d /run/lock 0775 root uucp -

1775 is probably a better idea (it's what I changed it to on my system), so that users can't go deleting each others' lock files.

Comment 3 Soren Harward 2019-10-06 13:54:51 UTC

This was fixed in 2017: https://gitweb.gentoo.org/proj/gentoo-systemd-integration.git/commit/tmpfiles.d/gentoo-run.conf?id=0f7a75329c65ec87a7f03c67e421bbab32ca5e6c