[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Package umask issues

Tom 'spot' Callaway wrote:
On Fri, 2005-07-08 at 12:33 -1000, Warren Togami wrote:

Hi Spot,

During FUDCON2 one of the TODO's I promised you was to send details about package umask issues. This is only an issue for sysadmins when they insist on using a system umask of 077 supposedly for some hardening reason. Two kinds of packages then have problems:

1) Packages with unowned files or directories. This of course has an obvious solution, simply own it. This is already covered in our packaging guidelines. MUST right?

2) Packages which create unpackaged files in scriptlets like %post
This is one example where this caused a problem. The quick and ugly workaround is to explicitly set umask at the beginning of the scriptlet. But the correct fix would be to make it so the software does not create files in %post. The latter solution is not always trivial.

Should we make #2 a SHOULD or MUST in guidelines?

I'm inclined to add:

MUST: Packages should not create files in %post. All files should be
accounted for in %files.


That isn't going to be easy to fix for all software. It is desired though.

Warren Togami
wtogami redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]