**Describe the bug**

A Red Hat customer is using the [gradle plugin](https://plugins.gradle.org/plugin/com.netflix.nebula.ospackage) to 
build his RPM packages.
When using a snippet as shown below, it ends up creating an RPM with directories 
marked with the %config flag, e.g.:
~~~
from ('src'){
    fileType CONFIG
    into '/opt/foo/bar'
    createDirectoryEntry true
    addParentDirs false
}
fileMode = 0755
~~~

ends up getting an RPM with `/opt/foo/bar` being tagged:
~~~
# rpm -qp --qf "[%{filenames} %{fileflags:fflags} \n]"  ~/foo-1.0.noarch.rpm
/opt/foo/bar c
/opt/foo/bar/somedir c
/opt/foo/bar/somefile c
~~~

This leads to getting the following error when installing the package with 
the latest RPM found on Fedora 38 (`rpm-4.18.2-1.fc38`) and RHEL8 
(`rpm-4.14.3-28.el8_9`), in case `/opt/foo/bar` doesn't already exist:
~~~
# rpm -i ~/foo-1.0.noarch.rpm 
error: failed to open dir platform of /opt/foo/bar/: No such file or directory
error: unpacking of archive failed on file /opt/foo/bar/somedir: cpio: open failed - No such file or directory
error: foo-1.0.noarch: install failed
~~~

On RHEL8, such a package could be installed with older releases of RPM, up to 
`rpm-4.14.3-26.el8` included, i.e. before fixing CVE-2021-35937, CVE-2021-35938 
and CVE-2021-35939.

We believe (@ffesti and myself) that tagging a directory with the %config flag is 
an error; the flag should only be used with regular files.

Could you please confirm it's indeed an error to flag directories with the %config 
flag?
If so, would it be possible to harden RPM to fail with a different error, 
clearly stating the RPM is not following the spec?

**To Reproduce**
Steps to reproduce the behavior:

I don't know, this seems to require gradle plugin.


-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2890
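
A pre-install check for the condition described in this report, as an added example that is not part of the original issue or of RPM itself: it lists directories that carry the `%config` flag. The tab-separated query format, the function names and the sample listing (which assumes `somedir` is a directory and `somefile` a regular file) are assumptions made for illustration.

```shell
# Added example: find directories tagged %config in an RPM file listing.
# Input format, one line per file, tab-separated: <fflags> <perms> <path>

# Print every path whose mode string starts with 'd' (directory) and whose
# flag string contains 'c' (%config). Exit status 1 if any were found.
find_config_dirs() {
    awk -F'\t' '
        substr($2, 1, 1) == "d" && index($1, "c") > 0 { print $3; bad = 1 }
        END { exit (bad ? 1 : 0) }
    '
}

# Query a package file with rpm and run the check on its file list.
config_dirs_in_rpm() {
    rpm -qp --qf '[%{fileflags:fflags}\t%{filemodes:perms}\t%{filenames}\n]' "$1" \
        | find_config_dirs
}

# Constructed sample mirroring the listing in the report (not real rpm output).
# The last entry has no flags, so its first field is empty.
sample_listing() {
    printf 'c\tdrwxr-xr-x\t/opt/foo/bar\n'
    printf 'c\tdrwxr-xr-x\t/opt/foo/bar/somedir\n'
    printf 'c\t-rwxr-xr-x\t/opt/foo/bar/somefile\n'
    printf '\t-rw-r--r--\t/opt/foo/README\n'
}

# When given a package path, check that package.
if [ "$#" -gt 0 ]; then
    config_dirs_in_rpm "$1"
fi
```

Run against a built package in CI, a non-zero exit status stops the build before the package reaches a host where installation would fail.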