Am 14.11.24 um 19:04 schrieb Michael Gold:
Package: polkitd Version: 125-2Dear Maintainer, Something was removing the world-readable mode of /etc/polkit-1/rules.d/ on my system (repeatedly), which meant that an un-privileged git process was not able to check for changes until I fixed it. It took me a while to track this down. I thought it was not the polkitd package, because its maintainer scripts specifically skip the "chmod" on the directory if a dpkg-statoverride entry exists, as does on my system. But it seems that the /usr/lib/tmpfiles.d/polkit-tmpfiles.conf file from this package is to blame; it does not respect the statoverride settings. I don't see why it is necessary, and the relevant changelog entry has no explanation. I also don't consider it appropriate to modify a permanent administrator-controlled directory via the temporary-file mechanism; the directory could be created by a maintainer script if necessary, and then left alone. If there is a good reason for this, the tmpfiles.d files should at least be mentioned in polkitd.postinst to avoid frustration (dpkg-divert could then be used to get rid of it).
The way to override package provided tmpfiles snippets is to ship one under the same name in /etc/tmpfiles.d, i.e. /etc/tmpfiles.d/polkit-tmpfiles.conf in your case.
There you can easily specify the desired mode. Michael
OpenPGP_signature.asc
Description: OpenPGP digital signature
