FS#12333 - pacman sets wrong permissions in /var/lib/pacman/local

Attached to Project: Arch Linux
Opened by Heiko Baums (cyberpatrol) - Wednesday, 03 December 2008, 22:41 GMT
Last edited by Allan McRae (Allan) - Sunday, 28 December 2008, 08:49 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Dan McGee (toofishes)
Architecture All
Severity Medium
Priority Normal
Reported Version None
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
pacman 3.2.1 sets wrong permissions for the subdirectories in /var/lib/pacman/local.
The subdirectories are chown to root:root as expected but only chmod 700 while it should be 755.

The files in these subdirectories are not affected. They get 644.

This leads to many error messages from yaourt. I usually update my system with yaourt -Syu --aur. After the updates I get this message:
Packages that were instaled as dependencies but are no longer required by any installed package:
Error:
Error:
Error:
... (filling pages)

This is due to the wrong permissions.

root has umask 022 and my unprivileged user has umask 077, but pacman usually is run with sudo. So this shouldn't be the reason.

Additional info:
* package version(s)
pacman-3.2.1

Steps to reproduce:
yaourt -Syu --aur
or
pacman -Syu
This task depends upon

Closed by  Allan McRae (Allan)
Sunday, 28 December 2008, 08:49 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#12263 
Comment by Jan de Groot (JGC) - Wednesday, 03 December 2008, 23:01 GMT
Sudo doesn't clear the environment, so it takes over all settings from the normal user account. Pacman should ignore the umask if possible.
Comment by Heiko Baums (cyberpatrol) - Wednesday, 03 December 2008, 23:12 GMT
I doubt that this has something to do with umask, because the files in the subdirectories get 644. If the normal users' umask was the problem they would also get 600.
Comment by Jan de Groot (JGC) - Wednesday, 03 December 2008, 23:31 GMT
From be_files.c:

oldmask = umask(0000);
mkdir(pkgpath, 0755);
/* make sure we have a sane umask */
umask(0022);

After that, the files are created.
Comment by Heiko Baums (cyberpatrol) - Thursday, 04 December 2008, 11:56 GMT
I found out, that not every directory is set with the wrong permissions.

Today I ran a system update with `pacman -Syu`. There were 3 packages updated: mutagen-1.15-1, vlc-0.9.8a-1 and xvidcore-1.2.0-1.
Only the directory /var/lib/pacman/local/mutagen-1.15-1 had the wrong permissions 700. The other two directories had the correct permissions 755.

Can this be a problem with the packages or with a new version of a tool with which the packages are built?
Comment by Dan McGee (toofishes) - Thursday, 04 December 2008, 13:59 GMT
I really don't think the package building stage has anything to do with this- database files are *completely* separate from installed package files.
Comment by Anonymous Submitter - Sunday, 28 December 2008, 08:44 GMT
I'm suffering from this too. I think the directories without this problem are ones that were created before the change of the umask e.g. ones created during initial Arch Linux install.

I think there would be value in having some options in /etc/pacman.conf to allow explict setting of directory permissions and ownership. This would allow overcoming this specific problem, but also allow system administrators to control who can perform queries against the pacman package databases.

Loading...