Directory Use and Permissions

Werner Koch wk at gnupg.org
Mon Jan 3 10:17:11 CET 2005


On Fri, 31 Dec 2004 11:04:41 -0700, John R Shannon said:

> libassuan, pinentry, dirmngr and gnupg-1.9.14 all reference sharedstatedir and 
> localstatedir. What are the minimum permissions required for these 
> directories? Must they be world writeable? Can they be moved relative to 
> $HOME?

AFAICS only dirmngr makes use of them:

AM_CPPFLAGS += -DDIRMNGR_SYSCONFDIR="\"$(sysconfdir)/@PACKAGE@\"" 
AM_CPPFLAGS += -DDIRMNGR_LIBEXECDIR="\"$(libexecdir)\""
AM_CPPFLAGS += -DDIRMNGR_DATADIR="\"$(localstatedir)/lib/@PACKAGE@\""
AM_CPPFLAGS += -DDIRMNGR_CACHEDIR="\"$(localstatedir)/cache/@PACKAGE@\""

The SYSCONFDIR is usually set to /etc/dirmngr and it may be world
readable except for the ldapservers.conf file which contains
passwords.  As a configuration directory no write permissions are
required.

The DATADIR (/var/lib/dirmngr) currently does not need to be writable
but future versions of the dirmngr might want to write to it.

The CACHEDIR (/var/cache/dirmngr) obviously needs to be writable by
the dirmngr process.

You may move them relativly to $HOME.

  Werner




More information about the Gpa-dev mailing list