Control: reassign -1 src:ocaml 4.05.0-11
Control: found -1 5.4.0-2
On Sat, 06 Feb 2021 at 09:45:56 +0100, Sébastien Villemot wrote:
The /usr/local/lib/ocaml directory (and its subdirectories), as created by the
postinst script of ocaml-base-nox, is always owned by group staff, with
permissions 2775.
This is a violation of Debian Policy §9.1.2. Those specific ownership and
permissions should only be set when the file /etc/staff-group-for-usr-local
is present. When it is not, the directory should be owned by root:root and have
permissions 0755.
ocaml-base-nox is now a transitional package and ocaml-base is now
responsible for creating the directory, but ocaml-base continues to
create the directory owned by root:staff.
Instead of open-coding the necessary logic, I would suggest using
dh_usrlocal to create this directory. The procedure to do that is
something like this:
1. create debian/ocaml-base/usr/local/lib/ocaml/VERSION/stublibs,
for example by listing it in debian/ocaml-base.dirs or doing an
`install -d` in debian/rules
2. make sure dh_usrlocal is run (normally dh will run it)
3. remove open-coded logic in the maintainer scripts to create (and possibly
remove) this directory
4. if the maintainer script templates are now empty, remove them, or if
not, ensure that they have the #DEBHELPER# placeholder
dh_usrlocal will insert maintainer script snippets generated from
/usr/share/debhelper/autoscripts/ to create and remove the directories
when appropriate.
Thanks,
smcv
