Set permissions after RPM install
You can add chmod
to a %post
section if you wanted to but that's the wrong approach to the problem.
You should just make sure that the files are executable in the buildroot during the installation and they should remain so (with that %defattr
entry) in the RPM and once installed (though that %defattr
entry should be above the /opt
line).
Alternatively, you can use the %defattr
macro and %attr
macros to have RPM apply specific permissions to specific files in the %files
section manually.
See Directives For the %files list and Specifying File Attributes for how the directives work.
Example from the second link:
%files
%attr(-, root, root) %doc README
%attr(4755, root, root) /usr/local/bin/cdp
%attr(-, root, root) /usr/local/bin/cdplay
%attr(-, root, rot) /usr/local/man/man1/cdp.1
user1285928
Updated on June 14, 2022Comments
-
user1285928 over 1 year
I use this spec file to use RPM files
Name: pack-agent Version: 1.0 Release: 1%{?dist} Summary: Linux Agent installation script Group: Utilities License: license Source0: pack-agent-1.0.tar.gz BuildArch: x86_64 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description %prep %setup -q -n opt %build %install #install -m 0755 -d $RPM_BUILD_ROOT/agent #cp -ap agent/* $RPM_BUILD_ROOT/agent/ install -m 0755 -d %{buildroot}/opt #cp -a * %{buildroot}/agent cp -a * %{buildroot}/opt %clean rm -rf $RPM_BUILD_ROOT %files /opt %defattr(-,root,root,-) %attr(777, root, root) /opt/agent/bin/karaf %doc %changelog
But after install the files are not executable. I need to start file insight directories tree. Is there anyway to add chmod command insight the spec file and use it to set permissions after RPM install?
-
Aaron D. Marasco about 8 yearsI recommend the last paragraph as well. Default everything to something reasonable like 644, and then make your executables 755.
-
Aaron D. Marasco about 8 yearsThe
%post
chmod
would be bad because for many reasons, the biggest beingrpm -V
would fail saying the permissions don't match the RPM DB. -
user1285928 about 8 yearsCould you please show me how I need to edit the spec file for the last solution?
-
msuchy about 8 yearsOr you can chmod that file in %install section
-
user1285928 about 8 yearsFiles are always with permission
-rw-r--r--.
Any idea where is the problem? -
user1285928 about 8 yearsI added %attr(777, root, root) /opt/agent/bin/karaf but when I install the RPM package the permission is -rw-r--r--
-
Etan Reisner about 8 yearsTry
0755
instead of777
and see if that works. But like I said you can also just ensure that the permissions are correct in the buildroot and then not specify any permissions in the%files
section and RPM will leave them alone. -
Aaron D. Marasco about 8 years
777
byroot
is a ginormous security hole BTW... there might even be a warning in your build logs saying "nope!"