[PATCH] Fix for nss/db-Makefile

Joel Klecker espy@debian.org
Sat Dec 19 21:26:00 GMT 1998


At 01:39 -0500 1998-12-19, Daniel Jacobowitz wrote:
>Wouldn't using 077 make more sense?

Indeed it would.

It was suggested in private mail by Zach Weinberg that perhaps 
something like the following would be better:

Index: nss/db-Makefile
===================================================================
RCS file: /glibc/cvsfiles/libc/nss/db-Makefile,v
retrieving revision 1.7
diff -u -r1.7 db-Makefile
--- db-Makefile	1998/01/24 06:16:17	1.7
+++ db-Makefile	1998/12/20 03:59:35
@@ -111,7 +111,15 @@
 		 /^[ \t]*#/ { next } \
 		 { printf "0%u ", cnt++; print } \
 		 /^[^#]/ { printf ".%s ", $$1; print }' $^ | \
-	$(MAKEDB) -o $@ -
+	(umask 077 && $(MAKEDB) -o $@ -)
+	@chown 0 $@
+	@chgrp 0 $@
+	@chmod 600 $@
+	@echo ""
+	@echo "Warning: The shadow password database $(VAR_DB)/shadow.db"
+	@echo "has been set to be readable only by root.  You may want"
+	@echo "to make it readable by the \`shadow' group depending"
+	@echo "on your configuration."
 	@echo "done."

 $(VAR_DB)/netgroup.db: /etc/netgroup
--
Joel Klecker (aka Espy)                     <URL: http://web.espy.org/ >
<URL: mailto:jk@espy.org >                  <URL: mailto:espy@debian.org >
Debian GNU/Linux PowerPC -- <URL: http://www.debian.org/ports/powerpc/ >



More information about the Libc-alpha mailing list