Hello I would like to know if there is some 'standard' way for the rubygems-* ports for fixing wrong files permissions. It appears that getopt-declare (not in the ports tree, it's a dependency of another port I would like to push) install files in a weird fashion:
------------------------------8<---------------------------
===> SECURITY REPORT:
This port has installed the following world-writable files/directories.
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/getopt-declare.gemspec
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/samples/cmdline_singles.rb
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/samples/cmdline_array.rb
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/samples/cmdline_usage.rb
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/test/test_cmdline_parameters.rb
/tmp/rubygem-getopt-declare-1.29/lib/ruby/gems/1.8/gems/getopt-declare-1.29/README.txt
[...]
------------------------------8<---------------------------
My current workaround is:
------------------------------8<---------------------------
post-install:
@${FIND} ${PREFIX}/${GEM_LIB_DIR} -type f -exec ${CHMOD} 444 '{}' ';'
------------------------------8<---------------------------
I am not really happy with this. Is there a better way to fix this?
I am not used with Ruby gems packaging, and I would like to be sure that
this is a problem that should be signaled upstream before acting: is it?
Thanks!
Romain
pgpXB0md1RWH5.pgp
Description: PGP signature
