public inbox for gentoo-dev-announce@lists.gentoo.org
* [gentoo-dev-announce] Policies for games dirs, new group "gamestat" for sgid binaries
@ 2015-02-19 14:19 Ulrich Mueller
From: Ulrich Mueller @ 2015-02-19 14:19 UTC
  To: gentoo-dev-announce, gentoo-dev


[-- Attachment #1.1: message body text --]
[-- Type: text/plain, Size: 2284 bytes --]

Hi all,
As decided by the Council in its 20140812 meeting [1], every developer
is allowed to commit and maintain games ebuilds. Furthermore:

| There is consensus amongst council members that specific policies
| (e.g., games group, /usr/games hierarchy, and games.eclass) should
| be settled by the QA team.

In yesterday's meeting the QA team has unanimously accepted the
following policies (see bug 537580 for details):

1. Directories /usr/games, /usr/games/bin, /usr/games/lib*,
   /usr/share/games, /var/games, /etc/games, and /opt must be owned
   by root:root and have permissions 755 (i.e. the default).

This will require a small change in games.eclass, because currently
prepgamesdirs() changes ownership of these directories to root:games
and mode to 0750, so they are readable only by users that are members
of the "games" group. With attached patch, games.eclass will no longer
change permissions of the top-level directories (mostly, these are
identical to the FHS locations).

If a package needs access control, it can still change ownership
and permissions of individual files, or of a subdir that it uses
exclusively. Owner and permission bits of directories that are shared
by multiple packages should be left alone, though.

2. A new group to allow setgid binaries to access shared score/state
   files will be created. The name of this group will be "gamestat".

It is quite common for upstream packages to save shared scores or
other state files under /var/games, and access them with the program
(or a special helper) setgid to a low privilege group. In most
distros, that group is called "games" (see for example Debian's policy
in [2]).

Unfortunately, the "games" group (gid 35) cannot be used for that
purpose in Gentoo, because by the long-standing games.eclass policy it
was/is used to control access to games. Therefore, regular users on
many Gentoo systems will be in this group.

Gid 36 is available and can be used for the new "gamestat" group.
I don't think that we need a new eclass for this; creation of the
group would be simply one line in pkg_setup():

    enewgroup gamestat 36

Ulrich

[1] http://www.gentoo.org/proj/en/council/meeting-logs/20140812-summary.txt
[2] https://www.debian.org/doc/debian-policy/ch-customized-programs.html#s11.11


[-- Attachment #1.2: games.eclass.patch --]
[-- Type: text/plain, Size: 739 bytes --]

--- games.eclass	21 Nov 2014 21:47:16 -0000	1.159
+++ games.eclass	24 Jan 2015 19:26:16 -0000
@@ -246,10 +246,11 @@
 			[[ ${dir} = ${GAMES_STATEDIR} ]] && mode=o-rwx,g+r
 			find "${D}/${dir}" -type f -print0 | xargs -0 chmod $mode
 
-			# common trees should not be games owned #264872
-			if [[ ${dir} == "${GAMES_PREFIX_OPT}" ]] ; then
-				fowners root:root "${dir}"
-				fperms 755 "${dir}"
+			# common trees should not be games owned #264872 #537580
+			fowners root:root "${dir}"
+			fperms 755 "${dir}"
+			if [[ ${dir} == "${GAMES_PREFIX}" \
+						|| ${dir} == "${GAMES_PREFIX_OPT}" ]] ; then
 				for d in $(get_libdir) bin ; do
 					# check if dirs exist to avoid "nonfatal" option
 					if [[ -e ${D}/${dir}/${d} ]] ; then
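
Review bot: the now-unconditional pair fowners root:root "${dir}" / fperms 755 "${dir}" has no existence test of its own, while the subdirectory loop right below it tests [[ -e ${D}/${dir}/${d} ]] precisely "to avoid nonfatal". If nothing earlier in the loop (outside this hunk) guarantees that ${D}/${dir} exists, the pair should get the same kind of guard. The comment above it could also say that only the top-level directory itself is reset (not recursively, so a package's own subdir keeps its access control) and that the "if" now gates only the bin and $(get_libdir) handling for GAMES_PREFIX and GAMES_PREFIX_OPT.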

[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
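
An added example, not part of the original message or of games.eclass: a small check for policy item 1 that reports any of the listed directories whose owner or mode differs from root:root 755. The function name audit_games_dirs and its arguments are hypothetical, and GNU stat (coreutils) is assumed.

```shell
# audit_games_dirs ROOT [UID:GID]   (hypothetical helper, added example)
#   ROOT     tree to inspect: "/" for the live system, or an image/stage dir
#   UID:GID  expected numeric owner:group, default 0:0 (root:root)
# Prints one line per directory that violates the policy and returns 1 if
# any was found. Directories that do not exist are skipped. Any extra mode
# bit (setgid, sticky) also counts as a deviation from 755.
# The body runs in a subshell, so its variables stay local to the call.
audit_games_dirs() (
	root=${1:-}
	root=${root%/}
	want=${2:-0:0}
	rc=0
	for pat in /usr/games /usr/games/bin '/usr/games/lib*' \
			/usr/share/games /var/games /etc/games /opt ; do
		# $pat is left unquoted on purpose so that lib* is globbed
		# below ROOT; an unmatched pattern fails the -d test.
		for d in "$root"$pat ; do
			[ -d "$d" ] || continue
			owner=$(stat -L -c '%u:%g' "$d") || continue
			mode=$(stat -L -c '%a' "$d") || continue
			if [ "$owner" != "$want" ] || [ "$mode" != 755 ] ; then
				printf '%s: owner %s mode %s (want %s 755)\n' \
					"${d#"$root"}" "$owner" "$mode" "$want"
				rc=1
			fi
		done
	done
	exit "$rc"
)
```

On a system installed under the old games.eclass behaviour, audit_games_dirs / would be expected to list the top-level games directories with gid 35 and mode 750.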
