[20209] in Kerberos_V5_Development
Re: Permissions for shared libraries in Kerberos
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Sat Nov 28 22:51:02 2020
Date: Sat, 28 Nov 2020 19:50:36 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Cy Schubert <Cy.Schubert@cschubert.com>
Message-ID: <20201129035036.GX34187@kduck.mit.edu>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <202011280709.0AS79Aao034028@slippy.cwsent.com>
Cc: krbdev@mit.edu, Ken Hornstein <kenh@cmf.nrl.navy.mil>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, Nov 27, 2020 at 11:09:10PM -0800, Cy Schubert wrote:
> In message <20201126190626.GD34187@kduck.mit.edu>, Benjamin Kaduk writes:
> > They end up shared on FreeBSD (via packaging) as well, though I'm not the
> > package maintainer for that one and didn't fully track down exactly where
> > that happens. (The default INSTALL_LIB specifies a file mode to use, but
> > it was not entirely clear to me that we actually honor INSTALL_LIB just
> > from a `git grep`.)
>
> Packaging of krb5 on FreeBSD uses the defaults in ports, that being 0644.
> The only override within the four krb5 ports is for ksu because packaging
> strips the setuid bit and therefore must be set (again) in the packaging
> plist file. In other words the FreeBSD krb5 packages are vanilla krb5. If
> they are changed to 0755 I'll probably adjust the SHAREMODE to 0644 in the
> packaging plist file, simply to avoid a ticket.
Oops, my shell history points out that I only looked at the x bit on the
libkrb5.so symlink and not the actual libraries themselves.
Sorry for the confusing/wrong statement (but on the plus side, I am less
confused about how it got that way, now!).
-Ben
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
