[Bug 191200] Review Request: lvm2-cluster
bugzilla at redhat.com
bugzilla at redhat.com
Fri Jun 16 10:36:47 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: lvm2-cluster
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191200
------- Additional Comments From paul at city-fan.org 2006-06-16 06:28 EST -------
(In reply to comment #18)
> > E: lvm2-cluster non-standard-executable-perm /usr/sbin/clvmd 0555
>
> What's rpmlint complaining about? It's got the executable bits and it can't be
> written to by a non-root user. Some would argue 0111 would be better, but this
> is a distribution so there's little to gain from a security-by-obscurity
> argument as it's trivial for a user to get hold of a copy of the binary from
> elsewhere.
>
> - Ignoring. (rpmlint bug?)
Using perms 755 would shut rpmlint up.
> > E: lvm2-cluster postin-without-ldconfig /usr/lib/liblvm2clusterlock.so.2.02
> > E: lvm2-cluster library-without-ldconfig-postun
> /usr/lib/liblvm2clusterlock.so.2.02
>
> OK: the packaging installation process doesn't run ldconfig automatically yet
> so it has to be included in every spec file that handles shared libraries.
>
> However, other packages look to have '%postun -p /sbin/ldconfig' and I've
> googled and searched the Fedora wiki and the new online book you mentioned, but
> as usual, I can't find documentation for what I need to know, viz. what '-p'
> does and whether you're meant to use it if there are other commands to run in
> the same section.
The -p option specifies the script interpreter to use for the scriplet.
"%post -p /sbin/ldconfig" with an empty script is a standard idiom for running a
single program in the scriptlet without having to use a shell.
> For safety, opted for:
> %post
> /sbin/chkconfig --add clvmd
> /sbin/ldconfig
>
> %postun -p /sbin/ldconfig
That's correct usage,
> > E: lvm2-cluster non-standard-executable-perm
> /usr/lib/liblvm2clusterlock.so.2.02 0555
>
> Puzzling: I thought linux wanted both the read and execute bits to be set
these days
> on shared objects, not just the read bit (which is all that's required at the
kernel
> level).
>
> - Ignoring. (rpmlint bug?)
rpmlint is expecting mode 755 as per most other libs in /usr/lib
> > W: lvm2-cluster devel-file-in-non-devel-package /usr/lib/liblvm2clusterlock.so
>
> Seems overkill to create a lvm2-cluster-devel package containing just
> one symlink? I don't spot other packages with shared libraries doing
> that.
>
> - Ignoring.
$ rpm -qlp xorg-x11-drv-i810-devel-1.6.0-4.i386.rpm
/usr/lib
/usr/lib/libI810XvMC.so
(that package should not be owning /usr/ilb)
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/lvm-types.h ../lib/datastruct/lvm-types.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/log.h ../lib/log/log.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/list.h ../lib/datastruct/list.h
>
> I've never done anything with debuginfo packages before.
> Is this a bug in whatever bit of rpm generates them?
Yes.
> I've installed the 'lvm2' debuginfo package, and it has a similar problem.
>
> I don't understand enough about how debuginfo packages are used to know whether
> the problem is the symlink that shouldn't be there, or if it's the file at the
> end of it that shouldn't be missing.
I believe it's the latter.
> On Wed, Jun 14, 2006 at 02:27:07PM -0400, Jesse Keating wrote:
> > A standard executable should have permission set to 0755. If you get
> > this
> > message, it means that you have a wrong executable permissions in some
> > files
> > included in your package.
>
> Oh! So it prefers the owner of the executable to have write permission.
> The file is owned by root so owner write is irrelevant, but it's better not
> to set it IMHO as that gives out the wrong message, suggesting it's a file
> other applications might want to modify: for example, editors will often warn
> the file is read-only if you try to modify it even as root.
>
> I think that 'Error' from rpmlint should be downgraded to 'information', and
> it should be inverted - warning if the owner write bit is *set* on an
> executable.
Fair comment,
> The ones I mentioned in the email I'd already put into lvm2-cluster-2_02_06-1_2.
>
> Probably still missing the requires for ldconfig though.
Perhaps. I can't see the spec file so I don't know.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Fedora-package-review
mailing list