Fix up file permissions in Qt ports.

Because qt-dist.mk sets EXTRACT_AFTER_ARGS, the framework-standard --no-same-owner and --no-same-permissions aren't added. That means that the files end up in packages with the permissions from the tarball, and in particular that official packages contain group-writable (wheel) includes (C++ headers) and other files. This was reported in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227027 and fixed in 465911 (18 months ago) but the move from bsd.qt.mk to Uses/qt-dist.mk lost those settings again. Re-add them to the Uses/ file to improve package security. (The problem does not seem to be present in my local poudriere builds) PR: 227027 Reported by: grarpamp@gmail.com Reviewed by: tcberner Approved by: tcberner MFH: 2020Q1 Differential Revision: https://reviews.freebsd.org/D22999
svn path=/head/; revision=521876
2020-01-02 20:13:11 +00:00 · 2020-01-02 20:13:11 +00:00 · d16fd1e9a8 · 2021-03-31 03:12:20 +00:00
commit d16fd1e9a8
parent a457096f2e
1 changed files with 2 additions and 1 deletions
--- a/Mk/Uses/qt-dist.mk
+++ b/Mk/Uses/qt-dist.mk
@ -112,7 +112,8 @@ EXTRACT_SUFX?=		.tar.xz
 # Other ports from other Qt modules will automatically build examples and
 # tests if the directories exist because of mkspecs/features/qt_parts.prf.
 EXTRACT_AFTER_ARGS?=	${DISTNAME:S,$,/examples,:S,^,--exclude ,} \
-			${DISTNAME:S,$,/tests,:S,^,--exclude ,}
+			${DISTNAME:S,$,/tests,:S,^,--exclude ,} \
+			--no-same-owner --no-same-permissions
 .  endif # ! ${_QT_VER:M5}

 CONFIGURE_ENV+=		MAKE="${MAKE:T}"