The www/otrs ports ships script, which sets permissions on installed files required for proper run and instructs (see files/pkg-message.in) user how to run it. This is required upstream because of uncertainity about paths, users and groups on target platforms (specially web server may run as www, apache, www-data etc.), but if installed from ports, all mentioned informations are known and already set in the ports Makefile, so permissions on the files may be set during the install targed. However I don't know, if such change may have some implications for installation from packages.
The trouble with this script is that it may be very individual on how people install OTRS. Some have other group names than others. If we let this script run automatically, it will change the permissions any time a user updates the port. That makes no sense and is a security risk.
At first pkg-messages respects USERS and GROUPS so there is no problem with groups, etc.
The actual problem is STAGEDIR support. Prior to conversion to STAGEDIR SetPermissions script was been triggered during post-install target. But! STAGEDIR environment misses USERS and GROUPS thus chown call fails with no such user/group error.
Once STAGEDIR will respect USERS and GROUPS I will be happy to set permissions from Makefile
Hello guys. Is this bug report still relevant? A fix still applicable?
Setting maintainer-feedback+, it was given in time, just never flagged as such.
Well, that depends.
Yes I still have to ask end-user to run SetPermissions script manually after install.
Not sure if pkg does not respect users/group under the stage environment at the moment. I will check it out next days.
I have checked out the things and still setpermissions.pl script invoked from post-install target fails due to missing otrs user in the stage environment. And there is very little I can do with it.
I think fixing this requires some changes in the ports infrastructure so I suggest assign this PR to portmgr.
Any new here?
I will check if ports Mk respects USERS during build/stage. If still not there is nothing I can do with it
(In reply to m.tsatsenko from comment #9)
It does not because the whole build process must be able to finish as a non-root user.
What could be done is running the script with some defaults when the package is installed (via @postexec for example; see https://www.freebsd.org/doc/en/books/porters-handbook/book.html#plist-keywords-base-exec) and informing the user about a way to change the defaults if desired (basically setting the permissions once again).
Return the issue back to the pool