On Mon, 2008-11-10 at 12:32 -0600, Jason L Tibbitts III wrote: > Here's a package from a recent review: > http://www.math.uh.edu/~tibbs/rpms/cave9-0.3-2.bog9.src.rpm > > When build locally, the included file /usr/bin/cave9 has mode 0775. > When built in koji > (http://koji.fedoraproject.org/koji/taskinfo?taskID=924911) the file > has mode 0755. > > My local machine has mock-0.9.9-1.fc9.noarch. I am using the caching > stuff, and my configuration files have been modified to point to local > package mirrors and to set basedir to /mock which is a 10G tmpfs with > the same permissions as /var/lib/mock. Those permissions happen to be > 2775; that's probably coincidental but I guess you never know.
I think the main point to take away from this is that relying on umask of systems to set the permissions of your files correctly is fragile at best, dangerous at worst. Umask can and does change from host to host so the build output is unreliable. Permissions in package builds should be set explicitly at either the %install phase or the %files phase. This likely needs a big sweeping cleanup action on our existing packages, but catching this on new packages is a start. -- Jesse Keating Fedora -- FreedomĀ² is a feature! identi.ca: http://identi.ca/jkeating
signature.asc
Description: This is a digitally signed message part
-- Fedora-buildsys-list mailing list Fedora-buildsys-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
