2008/1/18 <
dadembro rockwellcollins com>:
I am confused how an rpm package I generated
to simplify adding support for an additional hardware device (reflective
memory card). I hope someone can explain what happens and the proper
way I should create the rpm.
My problem is somehow related to the
umask setting, since I did not have any problems until the default umask
changed to 077 to comply with security settings. Installing the rpm
package after the default umask is 077, some header files that are place
in /usr/lib/rfm2g directory with no permission for group and world.
If rpm-5.0, then what is confusing is that rpm is making a umask(0022) call,
overriding whatever default umask you have specified.
My install section for the header files
uses the command install -d /usr/lib/rfm2g. When I test the command
by setting my umask to 077 and test the command I get a directory created
with read and execute rights for everyone (owner, group, and world). What
is the rpm package doing differently?
As a security measure, umask(2) can only succeed if all programs do not override.
But for packaging, particularly for permissions for files generated as side effect of
running a package scriptlet, the files are generated with limited access that can
break other packages.
I personally don't think rpm should set or change umask, but I'm in a minority.
73 de Jeff