Permissions for shared libraries in Kerberos

Benjamin Kaduk kaduk at
Sat Nov 28 22:50:36 EST 2020

On Fri, Nov 27, 2020 at 11:09:10PM -0800, Cy Schubert wrote:
> In message <20201126190626.GD34187 at>, Benjamin Kaduk writes:
> > They end up shared on FreeBSD (via packaging) as well, though I'm not the
> > package maintainer for that one and didn't fully track down exactly where
> > that happens.  (The default INSTALL_LIB specifies a file mode to use, but
> > it was not entirely clear to me that we actually honor INSTALL_LIB just
> > from a `git grep`.)
> Packaging of krb5 on FreeBSD uses the defaults in ports, that being 0644. 
> The only override within the four krb5 ports is for ksu because packaging 
> strips the setuid bit and therefore must be set (again) in the packaging 
> plist file. In other words the FreeBSD krb5 packages are vanilla krb5. If 
> they are changed to 0755 I'll probably adjust the SHAREMODE to 0644 in the 
> packaging plist file, simply to avoid a ticket.

Oops, my shell history points out that I only looked at the x bit on the symlink and not the actual libraries themselves.

Sorry for the confusing/wrong statement (but on the plus side, I am less
confused about how it got that way, now!).


More information about the krbdev mailing list