[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Fedora-packaging] commands under privileged users' path



On Thursday 23 August 2007, Mamoru Tasaka wrote:
>
> Then I noticed :
> %pre servers
> # Following the Wiki instructions ...
> getent group iceuser > /dev/null || groupadd -r iceuser
> <snip>
>
> Here "groupadd" (which is in Fedora under /usr/sbin)
> is used by only basename, not by full path.

That's intentional.  People wanted to have a dependency on shadow-utils 
instead of the actual executables used, so it was changed, and thus we are 
now already making some assumptions about things and full hardcoded paths no 
longer add any real value, they just clutter specfiles.

> IMO this will cause 
> a problem when "yum update" or "rpm -ivh" is done by normal
> users using "su -c" or "sudo" because normal users usually
> don't have /usr/sbin in their path.

rpm ensures that it is there.  More specifically, it sets this for all 
scriptlets (based on rpm hg sources, lib/psm.c):

static char * SCRIPT_PATH 
= "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin";

Have you actually tested and found that the problem you describe exists in 
some scenarios?  I do rpm/smart/yum operations from a "sudo -s" shell all the 
time (no /usr/sbin in PATH there), and have not encountered any problems like 
this.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]