mock mock.spec,1.5,1.6
Ville Skyttä
ville.skytta at iki.fi
Sun Jun 5 15:33:07 UTC 2005
On Sun, 2005-06-05 at 16:27 +0200, Matthias Saou wrote:
> seth vidal wrote :
>
> > > groupdel and userdel are always bad ideas in packages. Just remove the
> > > %postun scriptlet altogether.
> >
> > so it's okay to just leave a created group/user? That seems ugly and
> > messy to me. We're always saying packages should clean up all of their
> > directories - why not have them clean up all of their groups, too.
>
> Quite simple : Install the package, the user/group gets created. Remove
> it, if files are left behind that still belong to the user/group, then
> when the new user/group is created later on if the same package is
> reinstalled, the uid/gid will be different and those files won't have the
> proper owner.
>
> Say that /etc/program.d/ is mode 700 with a non root owner. If you
> modified a file in there, the directory won't get removed because
> some .rpmsave files will be there when you remove the package that owned
> all the files. This is an example of where side-effects begin.
One more example: as said above when these files with the original
user/group removed are left behind, the permissions for the leftover
files will be uid/gid based. Now, a completely different package
installed later may get its unrelated user/group created with the
uid/gid earlier used by the erased package; depending on the nature of
the leftover files, this may be a security issue.
More information about the fedora-extras-commits
mailing list