From 9d18b6246755472c8324bf3e20e234e08ac45618 Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Wed, 15 Jan 2020 18:08:02 +0100
Subject: rpm/deb and auth_pam_tool_dir/auth_pam_tool

don't let mysql_install_db set SUID bit for auth_pam_tool in rpm/deb
packages - instead package files with correct permissions and
only fix the ownership of auth_pam_tool_dir (which can only be done
after mysql user is created, so in post-install).

keep old mysql_install_db behavior for bintars
---
 support-files/rpm/server-postin.sh | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'support-files')

diff --git a/support-files/rpm/server-postin.sh b/support-files/rpm/server-postin.sh
index bccda7fbb8b..db249c326a6 100644
--- a/support-files/rpm/server-postin.sh
+++ b/support-files/rpm/server-postin.sh
@@ -69,11 +69,8 @@ if [ $1 = 1 ] ; then
   chmod -R og-rw $datadir/mysql
 fi
 
-# Set correct filesystem ownership/permissions for the PAM v2 plugin
-chown %{mysqld_group} /usr/lib*/mysql/plugin/auth_pam_tool_dir
-chmod 0700            /usr/lib*/mysql/plugin/auth_pam_tool_dir
-chown 0               /usr/lib*/mysql/plugin/auth_pam_tool_dir/auth_pam_tool
-chmod 04755           /usr/lib*/mysql/plugin/auth_pam_tool_dir/auth_pam_tool
+# Set the correct filesystem ownership for the PAM v2 plugin
+chown %{mysqld_user} /usr/lib*/mysql/plugin/auth_pam_tool_dir
 
 # install SELinux files - but don't override existing ones
 SETARGETDIR=/etc/selinux/targeted/src/policy
-- 
cgit v1.2.1