From 68a15849bea8c739adc5f7839032f2328edfc8dd Mon Sep 17 00:00:00 2001
From: Bruce Leidl <bruce@subgraph.com>
Date: Sat, 17 Feb 2018 17:41:15 -0500
Subject: [PATCH] provider a fs-perms table to override a few things from the
 default

---
 .../conf/distro/citadel-distro.conf           |  2 +
 .../files/citadel-fs-perms.txt                | 60 +++++++++++++++++++
 2 files changed, 62 insertions(+)
 create mode 100644 meta-citadel-distro/files/citadel-fs-perms.txt

diff --git a/meta-citadel-distro/conf/distro/citadel-distro.conf b/meta-citadel-distro/conf/distro/citadel-distro.conf
index f92b475..62f4904 100644
--- a/meta-citadel-distro/conf/distro/citadel-distro.conf
+++ b/meta-citadel-distro/conf/distro/citadel-distro.conf
@@ -21,6 +21,8 @@ PREFERRED_PROVIDER_virtual/kernel = "citadel-kernel"
 
 PACKAGE_CLASSES ?= "package_deb"
 
+FILESYSTEM_PERMS_TABLES = "files/citadel-fs-perms.txt"
+
 INITRAMFS_IMAGE_BUNDLE = "1"
 INITRAMFS_IMAGE = "citadel-initramfs-image"
 
diff --git a/meta-citadel-distro/files/citadel-fs-perms.txt b/meta-citadel-distro/files/citadel-fs-perms.txt
new file mode 100644
index 0000000..4026ee7
--- /dev/null
+++ b/meta-citadel-distro/files/citadel-fs-perms.txt
@@ -0,0 +1,60 @@
+# This file contains a list of files and directories with known permissions.
+# It is used by the packaging class to ensure that the permissions, owners and
+# group of listed files and directories are in sync across the system.
+#
+# The format of this file 
+#
+#<path>	<mode>	<uid>	<gid>	<walk>	<fmode>	<fuid>	<fgid>
+#
+# or
+#
+#<path> link <target>
+#
+# <path>: directory path
+# <mode>: mode for directory
+# <uid>:  uid for directory
+# <gid>:  gid for directory
+# <walk>: recursively walk the directory?  true or false
+# <fmode>: if walking, new mode for files
+# <fuid>:  if walking, new uid for files
+# <fgid>:  if walking, new gid for files
+# <target>: turn the directory into a symlink point to target
+#
+# in mode, uid or gid, a "-" means don't change any existing values
+#
+# /usr/src		0755	root	root	false	-	-	-
+# /usr/share/man	0755	root	root	true	0644	root	root
+
+# Note: all standard config directories are automatically assigned "0755 root root false - - -"
+
+# Documentation should always be corrected
+${mandir}		0755	root	root	true	0644	root	root
+${infodir}		0755	root	root	true	0644	root	root
+${docdir}		0755	root	root	true	0644	root	root
+${datadir}/gtk-doc	0755	root	root	true	0644	root	root
+
+# Fixup locales
+${datadir}/locale	0755	root	root	true	0644	root	root
+
+# Cleanup headers
+${includedir}		0755	root	root	true	0644	root	root
+${oldincludedir}	0755	root	root	true	0644	root	root
+
+# Cleanup debug src
+/usr/src/debug		0755	root	root	true	-	root	root
+
+/home				0755	root	root	false - - -
+/srv				0755	root	root	false - - -
+${prefix}/src			0755	root	root	false - - -
+${localstatedir}/local		0755	root	root	false - - -
+
+# Special permissions from base-files
+# Set 1777
+/tmp				01777	root	root	false - - -
+${localstatedir}/volatile/tmp	01777	root	root	false - - -
+
+# Set 0700
+${ROOT_HOME}			0700	root	root	false - - -
+
+# Set 2775-lsb
+${localstatedir}/mail		02775	root	mail	false - - -