Packaging Guidelines: Why so lax for BuildRoot?

Michael Schwendt mschwendt at gmail.com
Mon Mar 24 11:23:21 UTC 2008


On Sun, 23 Mar 2008 02:01:43 -0400, Dimi Paun wrote:

> 
> On Sun, 2008-03-23 at 00:30 -0400, Tom Lane wrote:
> > 
> > Expecting specfiles to rm -rf the buildroot is just as stupid.

The default %install and %clean sections could do that and could be
removed from .spec files.

Especially for the very useful --short-circuit builds it is a necessity to
clear the buildroot at the beginning of %install, so not doing it is a
mistake. Always.

> Thank you Tom!
> 
> It is such a nasty violation of basic encapsulation that
> should offend any hacker's sense of good, right and pretty. 
> 
> It is quite remarkable how such an ugly wart can survive for
> so long in an environment of highly technical people with 
> a passion for what they do... :) 
> 
> And it's not just ugly, but just incredibly dangerous. Old
> timers might remember how this idiotic
>   rm -rf $BUILDROOT
> business would result in a 
>   rm -rf /
> when you'd build a .rpm as root.
> 
> I got bit by it, and it hurt. Badly.

Oh, interesting, then you're one of the very few who really ran into
it. It was mostly a theoretical problem, because users had to define
%buildroot themselves to get "rm -rf /" and also build as root. Later,
when packagers defined "BuildRoot: /tmp" and similar in the spec
files and tried to catch buildroot=='/', I met someone who managed
to run into "rm -rf //" due to an incorrectly expanded value. But
it triggered a bug elsewhere and didn't damage anything.

Even when RPM disallowed '/' as a buildroot, some people, who have never
been hit by it before, insisted on adding "safety-checks" to spec files.
Sometimes old cruft is hard to get rid of.
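
[Added example, not part of the original message or of RPM.] The "rm -rf //" case above shows why a literal comparison against "/" is a weak guard: other spellings of the root directory pass it. The sketch below contrasts that comparison with a check on the resolved path; the function names are hypothetical, and rejecting top-level directories such as /tmp is an assumed policy.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample values are constructed.

# The literal comparison: only the exact string "/" is rejected.
naive_buildroot_ok() {
    [ "$1" != "/" ]
}

# Print the physical path of an existing directory, with symlinks,
# ".." and repeated slashes resolved.
canonical_dir() {
    ( cd -P -- "$1" 2>/dev/null && pwd -P )
}

# Succeed only for an absolute path that resolves to an existing directory
# at least two components deep. Rejects "", relative paths, "/", "//",
# symlinks to "/", and top-level directories such as /tmp (assumed policy).
# A missing directory is rejected too: there is nothing to clean.
# On success, $canon holds the resolved path.
safe_buildroot_ok() {
    case $1 in
        /*) ;;
        *) return 1 ;;                      # empty, unset or relative
    esac
    canon=$(canonical_dir "$1") || return 1 # missing or not a directory
    case $canon in
        *[!/]/[!/]*) return 0 ;;            # e.g. /var/tmp/pkg-root
        *) return 1 ;;                      # "/", "//", "/tmp", ...
    esac
}

# Remove the buildroot only after the resolved path passed the check.
clean_buildroot() {
    safe_buildroot_ok "$1" || { echo "refusing to remove '$1'" >&2; return 1; }
    rm -rf -- "$canon"
}

# Compare both guards on constructed values (nothing is removed here).
for value in "" "/" "//" "relative/dir"; do
    naive=rejects; naive_buildroot_ok "$value" && naive=accepts
    safe=rejects;  safe_buildroot_ok "$value" && safe=accepts
    printf 'value=[%s] naive %s, canonical %s\n' "$value" "$naive" "$safe"
done
```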



