On 11.08.2023 19:58, Larry Finger wrote:
On 8/11/23 09:49, Joe Salmeri wrote:
Thanks Jan, Carlos and others that have explained what is going on.
Since the default install uses the easy permissions, would it make sense for the RPMs to match what the easy permissions are.
If the admin switches to more restrictive permissions, then they would get the messages ( which makes sense to me ).
As I said in my previous posting, at least SUID permissions cannot be set in the spec file that builds an rpm.
user@uefi:~> rpm -q --dump -f /usr/sbin/unix_chkpwd | grep unix_chkpwd /usr/sbin/unix_chkpwd 26928 1691846723 1bfe8e2870486dc504a9ef5acf38da50d14b3bb602dc0f959865d395fc6c38fb 0104755 root shadow 0 0 0 X user@uefi:~> As you see, rpm has no problems packaging SUID file. %verify(not mode) %attr(4755,root,shadow) %{_sbindir}/unix_chkpwd %verify(not mode) %attr(4755,root,shadow) %{_sbindir}/unix2_chkpwd May be there are some white-/blacklist, I do not know.