Package umask issues
Warren Togami
wtogami at redhat.com
Fri Jul 8 23:29:53 UTC 2005
Tom 'spot' Callaway wrote:
> On Fri, 2005-07-08 at 12:33 -1000, Warren Togami wrote:
>
>>Hi Spot,
>>
>>During FUDCON2 one of the TODO's I promised you was to send details
>>about package umask issues. This is only an issue for sysadmins when
>>they insist on using a system umask of 077 supposedly for some hardening
>>reason. Two kinds of packages then have problems:
>>
>>1) Packages with unowned files or directories. This of course has an
>>obvious solution, simply own it. This is already covered in our
>>packaging guidelines. MUST right?
>>
>>2) Packages which create unpackaged files in scriptlets like %post
>>https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136030
>>This is one example where this caused a problem. The quick and ugly
>>workaround is to explicitly set umask at the beginning of the scriptlet.
>> But the correct fix would be to make it so the software does not
>>create files in %post. The latter solution is not always trivial.
>>
>>Should we make #2 a SHOULD or MUST in guidelines?
>
>
> I'm inclined to add:
>
> MUST: Packages should not create files in %post. All files should be
> accounted for in %files.
>
> ~spot
That isn't going to be easy to fix for all software. It is desired though.
Warren Togami
wtogami at redhat.com
More information about the Fedora-maintainers
mailing list