base-files: chmod 1777 /var/lock
authorDeomid Ryabkov <rojer@rojer.me>
Sat, 23 Oct 2021 13:22:39 +0000 (16:22 +0300)
committerChristian Lamparter <chunkeey@gmail.com>
Fri, 5 Nov 2021 20:24:04 +0000 (21:24 +0100)
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.

[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>

Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 430f69194388ad6a7826a51e0e2b2dd478e27f0f)

package/base-files/files/etc/init.d/boot

index a1e8e828dd2b17006d59536e9f53887ebc001966..e1c60c1c2fac50ebcfda4c09c4bf7cf4e844ab6c 100755 (executable)
@@ -21,9 +21,10 @@ boot() {
        [ -f /proc/mounts ] || /sbin/mount_root
        [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
 
-       mkdir -p /var/run
-       mkdir -p /var/log
        mkdir -p /var/lock
+       chmod 1777 /var/lock
+       mkdir -p /var/log
+       mkdir -p /var/run
        mkdir -p /var/state
        mkdir -p /var/tmp
        mkdir -p /tmp/.uci