Package: piuparts Severity: wishlist Policy ยง9.1.2 reads:
If /etc/staff-group-for-usr-local does not exist, /usr/local and all subdirectories created by packages should have permissions 0755 and be owned by root:root. If /etc/staff-group-for-usr-local exists, /usr/local and subdirectories should have permissions 2775 (group-writable and set-group-id) and be owned by root:staff.
It would be nice if piuparts could check if the tested packages create /usr/local subdirectories with the right ownership and permissions.
For example, fontconfig-config_2.13.0-4 does it incorrectly: it creates /usr/local/share/fonts as 2755 root:staff, regardless of whether /etc/staff-group-for-usr-local exists or not.
Note that this staff-group-for-usr-local thing was implemented in debhelper in 11.2 released on 2018-04-07, so it might make sense to skip packages that were built before that date, at least for the time being.
-- Jakub Wilk
