[texhax] Umasks, Permissions, and All That

Thomas Schneider schneidt at mail.nih.gov
Fri Jul 12 16:15:59 CEST 2013


> I'd like to summarize the current situation regarding umask, Unix
> Permissions, and MacTeX.  When MacTeX installs, the directories
> /usr/local and /usr/local/texlive may or may not exist. If they
> already exist, their permissions are not changed. If they don't
> exist, they are given reasonable permissions.

I think the only reasonable permissions are drwxr-xr-x with ownership
being root.

> Then the 2013 folder and its contents are created. If the
> installation is done from the DVD, the permissions of this folder
> and its contents are solely determined by the TeX Live install
> script, and not by MacTeX. Thus our umask problems this year are
> problems from that TeX Live script, and MacTeX is only in the
> picture because we decided it should never "fix" permissions.

I think that's not a good idea.

> Let me again give the reference which explains how Mac users might
> have unusual umasks:
> http://support.apple.com/kb/HT2202?viewlocale=en_US&locale=en_US

That's only one possibility.

> The situation is different if users install using the internet version
> of MacTeX.

> To see why, let me explain how that package is constructed. I first
> install TeX Live on my personal machine using the TeX Live script.
> My machine does not have an unusual umask, so my copy of TeX Live
> will have expected permissions. Then I use Apple software to create
> an install package.  That package installs with the permissions
> inside the install package, which came from permissions on my
> machine.  That's what happened in past years. But for the first time
> this year, I added a final twist with the internet version. The new
> Apple software to make install packages has a button labeled "Use
> Apple's Recommended Permissions" and I pushed that button.

But what are those "Recommended Permissions"?

> So this year, internet installs won't give standard TeX Live
> permissions to all installed files; some files will instead have
> Apple Recommended Permissions. This mainly affects symbolic links;
> Apple gives them unlimited permissions, while TeX Live is a little
> more restrictive.

My current understanding is that the final setup ought to be root
ownership of /usr/local with permissions drwxr-xr-x.  That allows only
root to change things but everyone on the system can read and execute
them.  This is, as I understand it, secure.


  Thomas D. Schneider, Ph.D.
  Senior Investigator
  National Institutes of Health
  National Cancer Institute
  Center for Cancer Research
  Gene Regulation and Chromosome Biology Laboratory
  Molecular Information Theory Group
  Frederick, Maryland  21702-1201
  schneidt at mail.nih.gov
  http://schneider.ncifcrf.gov/ (current link)
  http://alum.mit.edu/www/toms (permanent link)
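
Added example, not part of the original message and not code from MacTeX or TeX Live: a Python audit of an installed tree against the policy discussed in this thread (expected owner, no group or world write bits, readable and searchable by everyone), so that both a too-loose and a too-restrictive install umask show up. The function names and the texlive/2013/bin sample layout are assumptions, and the sample tree is constructed in a temporary directory.

```python
import os
import stat
import tempfile


def audit_tree(root, expected_uid=0):
    """Return sorted (relative path, problem) pairs for entries under root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, n) for n in filenames]:
            st = os.lstat(path)  # lstat: inspect the link itself, never its target
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are ignored for access checks
            mode = stat.S_IMODE(st.st_mode)
            rel = os.path.relpath(path, root)
            if st.st_uid != expected_uid:
                findings.append((rel, "unexpected owner uid %d" % st.st_uid))
            if mode & 0o022:  # write bit set for group or others
                findings.append((rel, "group/world-writable (%04o)" % mode))
            need = 0o005 if stat.S_ISDIR(st.st_mode) else 0o004
            if mode & need != need:  # others cannot read (or enter) it
                findings.append((rel, "not readable by others (%04o)" % mode))
    return sorted(findings)


def make_tree(umask):
    """Constructed sample: a small tree created under the given umask."""
    base = tempfile.mkdtemp()
    old = os.umask(umask)
    try:
        root = os.path.join(base, "texlive")
        os.makedirs(os.path.join(root, "2013", "bin"))
        with open(os.path.join(root, "2013", "bin", "tex"), "w") as fh:
            fh.write("#!/bin/sh\n")
        os.symlink("tex", os.path.join(root, "2013", "bin", "latex"))
    finally:
        os.umask(old)  # always restore the caller's umask
    return root


def demo(umask):
    # The sample is not created as root, so the current uid stands in for uid 0.
    return audit_tree(make_tree(umask), expected_uid=os.getuid())


if __name__ == "__main__":
    for mask in (0o022, 0o002, 0o077):
        print("umask %03o:" % mask, demo(mask) or "clean")
```

On a real installation the call would be audit_tree("/usr/local/texlive") with the default expected_uid=0.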

