Package umask issues
Warren Togami
wtogami at redhat.com
Fri Jul 8 22:33:17 UTC 2005
Hi Spot,
During FUDCON2 one of the TODO's I promised you was to send details
about package umask issues. This is only an issue for sysadmins when
they insist on using a system umask of 077 supposedly for some hardening
reason. Two kinds of packages then have problems:
1) Packages with unowned files or directories. This of course has an
obvious solution, simply own it. This is already covered in our
packaging guidelines. MUST right?
2) Packages which create unpackaged files in scriptlets like %post
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136030
This is one example where this caused a problem. The quick and ugly
workaround is to explicitly set umask at the beginning of the scriptlet.
But the correct fix would be to make it so the software does not
create files in %post. The latter solution is not always trivial.
Should we make #2 a SHOULD or MUST in guidelines?
Warren Togami
wtogami at redhat.com
More information about the Fedora-maintainers
mailing list