From 2250db76c57caa0ab2054605972463f16eff1390 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 17 Mar 2023 10:49:21 +0000
Subject: [PATCH] FHS: Enfore that all files in /usr/*bin are executable

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/libpakfire/fhs.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/libpakfire/fhs.c b/src/libpakfire/fhs.c
index b09da67f..14dd70ff 100644
--- a/src/libpakfire/fhs.c
+++ b/src/libpakfire/fhs.c
@@ -60,6 +60,10 @@ static const struct pakfire_fhs_check {
 	{ "/usr/bin/*",   S_IFDIR, PAKFIRE_FHS_MUSTNOTEXIST, 0, NULL, NULL },
 	{ "/usr/sbin/*",  S_IFDIR, PAKFIRE_FHS_MUSTNOTEXIST, 0, NULL, NULL },
 
+	// Any files in /usr/{,s}bin must be owned by root and have 0755
+	{ "/usr/bin/*",   S_IFREG, 0, 0755, "root", "root" },
+	{ "/usr/sbin/*",  S_IFREG, 0, 0755, "root", "root" },
+
 	// /var
 	{ "/var",         S_IFDIR, 0, 0755, "root", "root" },
 	{ "/var/cache",   S_IFDIR, 0, 0755, "root", "root" },
-- 
2.47.3