Obtaining 2.6.8-1.541 source code
Gregory G Carter
gcarter at aesgi.com
Tue Sep 14 21:52:00 UTC 2004
Aaron Gaudio wrote:
>On Tue, 2004-09-14 at 15:47 -0500, Gregory G Carter wrote:
>
>
>>I am not sure I agree with that notion of non root security locality
>>when dealing with OS source code.
>>
>>
>>
>
>I'm not sure of the relevance of this post to the previous, unless I'm
>missing something, but I definitely agree that when building rpms, one
>should use a non-root account. The primary reason is this: some (many?)
>srpms are not spec'd properly and will attempt to alter your actual
>system (e.g. install into /usr instead of /tmp/%{buildroot}/usr). If you
>are a normal user, this will cause the build process to break and you'll
>realize that had you been running as root, the process would appear to
>have worked correctly while in fact now it may have installed files you
>didn't want to install; or worse (blown away files you desperately need,
>etc.).
>
>I don't see any reason to treat the kernel srpm any differently. Once
>installed, the binary rpms will be installed as root, along with any
>source code/include files that go along with it.
>
>
>
>
I see lots of reasons to treat kernel source code differently.
I do not agree, especially in the context of a devlopment release of an
Operating System product.
One source tree should be in root context, the other in userland and the
two should not be shared as you suggest, for the same purpose.
As for the "not spec'ed properly" arguement, if you do not understand
how to pull configuration information out of a source rpm before
installing it, you should probably wait for the binaries or do some
prudent reading.
(i.e. http://www.rpm.org/)
-gc
More information about the fedora-test-list
mailing list