The recent redhat-rpm-config change and you
nalin at redhat.com
Mon Jun 20 17:44:53 UTC 2005
On Sat, Jun 18, 2005 at 01:00:06AM -0400, Toshio Kuratomi wrote:
> On Fri, 2005-06-17 at 17:05 -0400, Nalin Dahyabhai wrote:
> >  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129025
> What's a simple test case for this? I don't have a USB printer but I
> tried /usr ro on boot with no .pyo files. This does not cause cups to
> crash.... Starting other programs which have no .pyo files with
> PYTHON_OPTIMIZE set also causes no problems. Is the bug really only
> about SELinux and not a ro partition? Does this only happen with cups
> and USB printers?
> Being an anti-pyo person, I'd like to understand this problem so I can
> be converted :-)
I can't speak to the specifics of cups and printing, but the problem
cases in which I'm interested are:
* Install a package with .py scripts. Use parts of the package as a
user who can write to the files, and you generate .pyc files. These
new files are not owned by any package, and RPM does not remove them
if you remove the package.
* If you can't write to them, and you were denied access by SELinux
permission checks (for example, you *were* root, but you were running
the script in an execution domain which wouldn't be allowed write
access), then you get a log message, either in syslog or in the audit
log. This leads to at least 40 unnecessary panic attacks, resulting
in no less than four separate posts to fedora-test-list within the
same day, which increases incoming traffic enough to finally kill the
mailing list servers. Please, think of the mailing list servers.
Seriously, though, it's preventable.
The usefulness of .pyo files over .pyc files is marginal , but if
we're trying to avoid problems which crop up when a script only gets
byte-compiled on an installed system, I think we have to account for
them as well.
More information about the Fedora-maintainers