From f3b818c3e5d938e0afbbcfa25d5233248daa21a3 Mon Sep 17 00:00:00 2001
From: "K. Lange"
Date: Thu, 19 Jul 2018 14:09:49 +0900
Subject: [PATCH] /tmp should be world-writable

---
 util/update-devtable.py | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/util/update-devtable.py b/util/update-devtable.py
index 046314f0..24158003 100755
--- a/util/update-devtable.py
+++ b/util/update-devtable.py
@@ -4,18 +4,25 @@ import glob
 from pathlib import Path
 
 with open('util/devtable','w') as devtable:
-    devtable.write('/bin/gsudo f 4555 0 0 - - - - -\n') # sudo always needs setuid
-    devtable.write('/bin/sudo f 4555 0 0 - - - - -\n') # sudo always needs setuid
+
+    # Set sudo apps to setuid, executable, no write
+    devtable.write('/bin/gsudo f 4555 0 0 - - - - -\n')
+    devtable.write('/bin/sudo f 4555 0 0 - - - - -\n')
+
+    # Set master.passwd to not be visible except by root
     devtable.write('/etc/master.passwd f 600 0 0 - - - - -\n') # /etc/master.passwd should be restricted
 
-    # Now add user home directories
+    # Copy permissions and set ownership for user files
     for user_details in [('local',1000)]:
         user, uid = user_details
         for path in glob.glob('./base/home/{user}/**'.format(user=user),recursive=True):
             p = Path(path)
-            path_mod = path.replace('./base','')
+            path_mod = path.replace('./base','').rstrip('/')
             path_type = 'd' if p.is_dir() else 'f'
             st = os.stat(path)
             mode = '{:o}'.format(st.st_mode & 0o7777)
             devtable.write('{path_mod} {path_type} {mode} {uid} {uid} - - - - -\n'.format(path_mod=path_mod,path_type=path_type,mode=mode,uid=uid))
+    # Special case /tmp to allow all users to write
+    devtable.write('/tmp d 777 0 0 - - - - -\n')
+
 
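Review bot: The new `/tmp` entry at the end of the hunk writes mode `777` without the sticky bit, so any user will be able to delete or rename files that other users create in the shared directory; a world-writable temp directory is conventionally `1777`. The table already carries a four-digit mode with a special bit for the setuid binaries (`4555`), so the same column should take `devtable.write('/tmp d 1777 0 0 - - - - -\n')`, and the comment above it would then read `# Special case /tmp: world-writable, sticky so users cannot remove each other's files`. Separately, the added `# Set master.passwd to not be visible except by root` comment duplicates the trailing comment kept on the `/etc/master.passwd` line below it; keeping one of the two would match the style the hunk applies to the sudo entries, where the trailing comments were folded into a single leading one.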