[Bug 191200] Review Request: lvm2-cluster

bugzilla at redhat.com bugzilla at redhat.com
Fri Jun 16 10:36:47 UTC 2006


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191200





------- Additional Comments From paul at city-fan.org  2006-06-16 06:28 EST -------
(In reply to comment #18)
> > E: lvm2-cluster non-standard-executable-perm /usr/sbin/clvmd 0555
> 
> What's rpmlint complaining about?  It's got the executable bits and it can't be
> written to by a non-root user.  Some would argue 0111 would be better, but this
> is a distribution so there's little to gain from a security-by-obscurity
> argument as it's trivial for a user to get hold of a copy of the binary from
> elsewhere.
> 
> - Ignoring.  (rpmlint bug?)

Using perms 755 would shut rpmlint up.

> > E: lvm2-cluster postin-without-ldconfig /usr/lib/liblvm2clusterlock.so.2.02
> > E: lvm2-cluster library-without-ldconfig-postun
> /usr/lib/liblvm2clusterlock.so.2.02
> 
> OK: the packaging installation process doesn't run ldconfig automatically yet
> so it has to be included in every spec file that handles shared libraries.
> 
> However, other packages look to have '%postun -p /sbin/ldconfig' and I've
> googled and searched the Fedora wiki and the new online book you mentioned, but
> as usual, I can't find documentation for what I need to know, viz. what '-p'
> does and whether you're meant to use it if there are other commands to run in
> the same section.

The -p option specifies the script interpreter to use for the scriptlet.
"%post -p /sbin/ldconfig" with an empty script is a standard idiom for running a
single program in the scriptlet without having to use a shell.

> For safety, opted for:
>   %post
>   /sbin/chkconfig --add clvmd
>   /sbin/ldconfig
>  
>   %postun -p /sbin/ldconfig

That's correct usage.

> > E: lvm2-cluster non-standard-executable-perm
> /usr/lib/liblvm2clusterlock.so.2.02 0555
> 
> Puzzling: I thought linux wanted both the read and execute bits to be set
> these days on shared objects, not just the read bit (which is all that's
> required at the kernel level).
> 
> - Ignoring.  (rpmlint bug?)

rpmlint is expecting mode 755 as per most other libs in /usr/lib

> > W: lvm2-cluster devel-file-in-non-devel-package /usr/lib/liblvm2clusterlock.so
> 
> Seems overkill to create a lvm2-cluster-devel package containing just 
> one symlink?  I don't spot other packages with shared libraries doing 
> that.
> 
> - Ignoring.

$ rpm -qlp xorg-x11-drv-i810-devel-1.6.0-4.i386.rpm
/usr/lib
/usr/lib/libI810XvMC.so

(that package should not be owning /usr/lib)

> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/lvm-types.h ../lib/datastruct/lvm-types.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/log.h ../lib/log/log.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/list.h ../lib/datastruct/list.h
> 
> I've never done anything with debuginfo packages before.
> Is this a bug in whatever bit of rpm generates them?

Yes.

> I've installed the 'lvm2' debuginfo package, and it has a similar problem.
> 
> I don't understand enough about how debuginfo packages are used to know whether
> the problem is the symlink that shouldn't be there, or if it's the file at the 
> end of it that shouldn't be missing.

I believe it's the latter.

> On Wed, Jun 14, 2006 at 02:27:07PM -0400, Jesse Keating wrote:
> > A standard executable should have permission set to 0755. If you get
> > this
> > message, it means that you have a wrong executable permissions in some
> > files
> > included in your package.
>  
> Oh!  So it prefers the owner of the executable to have write permission.
> The file is owned by root so owner write is irrelevant, but it's better not
> to set it IMHO as that gives out the wrong message, suggesting it's a file
> other applications might want to modify: for example, editors will often warn 
> the file is read-only if you try to modify it even as root.
> 
> I think that 'Error' from rpmlint should be downgraded to 'information', and
> it should be inverted - warning if the owner write bit is *set* on an
> executable.

Fair comment.

> The ones I mentioned in the email I'd already put into lvm2-cluster-2_02_06-1_2.
> 
> Probably still missing the requires for ldconfig though.

Perhaps. I can't see the spec file so I don't know.
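
Added example, not part of the original message or of the lvm2-cluster packaging: a small shell audit that separates the two questions argued in this thread, whether an executable's mode is the 0755 that rpmlint expects, and whether anyone other than the owner can write to it. It assumes GNU `stat`; the three-way classification, the function names and the sample tree (including `example-helper`) are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes GNU coreutils `stat -c %a`, which prints the
# mode in octal (for example 555).

# classify_exec_mode MODE
#   standard               exactly 0755, the mode rpmlint expects
#   nonstandard            differs from 0755, but no group/other write bit
#   writable-by-non-owner  group or other write bit is set
classify_exec_mode() {
    # A leading 0 makes the shell read the value as an octal constant.
    if [ $((0$1 & 022)) -ne 0 ]; then
        echo "writable-by-non-owner"
    elif [ $((0$1)) -eq $((0755)) ]; then
        echo "standard"
    else
        echo "nonstandard"
    fi
}

# audit_tree DIR: print "MODE CLASS PATH" for every regular file that has
# at least one execute bit set.
audit_tree() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) | sort |
    while IFS= read -r f; do
        m=$(stat -c %a "$f")
        printf '%s %s %s\n' "$m" "$(classify_exec_mode "$m")" "$f"
    done
}

# Constructed sample tree: two file names from the thread plus one
# hypothetical helper, all empty files in a temporary directory.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/usr/sbin" "$d/usr/lib"
    : > "$d/usr/sbin/clvmd"
    chmod 0555 "$d/usr/sbin/clvmd"
    : > "$d/usr/lib/liblvm2clusterlock.so.2.02"
    chmod 0755 "$d/usr/lib/liblvm2clusterlock.so.2.02"
    : > "$d/usr/sbin/example-helper"
    chmod 0775 "$d/usr/sbin/example-helper"
    (cd "$d" && audit_tree usr)
    rm -rf "$d"
}

demo
```

In this split, 0555 and 0755 on a root-owned file both land outside the `writable-by-non-owner` class; only the 0775 sample is writable by someone other than the owner.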

