Bug 193700 - www/otrs may set permission during install
Summary: www/otrs may set permission during install
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Keywords: needs-patch, needs-qa
Depends on:
Reported: 2014-09-17 00:11 UTC by knezour
Modified: 2021-01-20 12:47 UTC (History)
4 users (show)

See Also:
vlad-fbsd: maintainer-feedback+


Note You need to log in before you can comment on or make changes to this bug.
Description knezour 2014-09-17 00:11:31 UTC
The www/otrs ports ships script, which sets permissions on installed files required for proper run and instructs (see files/pkg-message.in) user how to run it. This is required upstream because of uncertainity about paths, users and groups on target platforms (specially web server may run as www, apache, www-data etc.), but if installed from ports, all mentioned informations are known and already set in the ports Makefile, so permissions on the files may be set during the install targed. However I don't know, if such change may have some implications for installation from packages.
Comment 1 Bugzilla Automation freebsd_committer 2014-09-17 00:11:31 UTC
Maintainer CC'd
Comment 2 Carlo Strub freebsd_committer 2014-09-21 22:21:18 UTC
The trouble with this script is that it may be very individual on how people install OTRS. Some have other group names than others. If we let this script run automatically, it will change the permissions any time a user updates the port. That makes no sense and is a security risk.
Comment 3 m.tsatsenko 2014-09-23 20:35:33 UTC
At first pkg-messages respects USERS and GROUPS so there is no problem with groups, etc.

The actual problem is STAGEDIR support. Prior to conversion to STAGEDIR SetPermissions script was been triggered during post-install target. But! STAGEDIR environment misses USERS and GROUPS thus chown call fails with no such user/group error.
Comment 4 m.tsatsenko 2014-09-23 20:36:41 UTC
Once STAGEDIR will respect USERS and GROUPS I will be happy to set permissions from Makefile
Comment 5 VK freebsd_triage 2016-06-05 01:20:04 UTC
Hello guys. Is this bug report still relevant? A fix still applicable?

Setting maintainer-feedback+, it was given in time, just never flagged as such.
Comment 6 m.tsatsenko 2016-06-15 09:46:19 UTC
Well, that depends.
Yes I still have to ask end-user to run SetPermissions script manually after install.
Not sure if pkg does not respect users/group under the stage environment at the moment. I will check it out next days.
Comment 7 m.tsatsenko 2016-06-27 21:11:34 UTC
I have checked out the things and still setpermissions.pl script invoked from post-install target fails due to missing otrs user in the stage environment. And there is very little I can do with it.
I think fixing this requires some changes in the ports infrastructure so I suggest assign this PR to portmgr.
Comment 8 Walter Schwarzenfeld freebsd_triage 2018-01-16 09:39:50 UTC
Any new here?
Comment 9 m.tsatsenko 2018-01-23 15:15:19 UTC
I will check if ports Mk respects USERS during build/stage. If still not there is nothing I can do with it
Comment 10 Mateusz Piotrowski freebsd_committer 2020-11-03 16:00:08 UTC
(In reply to m.tsatsenko from comment #9)
It does not because the whole build process must be able to finish as a non-root user.

What could be done is running the script with some defaults when the package is installed (via @postexec for example; see https://www.freebsd.org/doc/en/books/porters-handbook/book.html#plist-keywords-base-exec) and informing the user about a way to change the defaults if desired (basically setting the permissions once again).
Comment 11 Mateusz Piotrowski freebsd_committer 2021-01-20 12:47:12 UTC
Return the issue back to the pool