mirror of
https://github.com/aaddrick/claude-desktop-debian.git
synced 2026-05-17 08:36:35 +03:00
15813ca11f
Move the suid bit on chrome-sandbox into the rpm spec's %files section via %attr(4755, root, root). The previous %post chmod 4755 only ran on fresh installs and silently regressed when the scriptlet was skipped (e.g., --noscripts), leaving a non-suid chrome-sandbox that breaks sandboxing on every launch. Also add an assert_setuid helper to tests/test-artifact-common.sh and wire it up in test-artifact-rpm.sh so a future spec regression to the old %post pattern fails CI rather than shipping silently. Verified: built rpm in fedora:42 container, installed via dnf, ls confirms -rwsr-xr-x on chrome-sandbox, %post no longer chmods.