Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: lvm2-cluster

------- Additional Comments From [EMAIL PROTECTED]  2006-06-16 06:28 EST -------
(In reply to comment #18)
> > E: lvm2-cluster non-standard-executable-perm /usr/sbin/clvmd 0555
> What's rpmlint complaining about?  It's got the executable bits and it can't 
> be
> written to by a non-root user.  Some would argue 0111 would be better, but 
> this
> is a distribution so there's little to gain from a security-by-obscurity
> argument as it's trivial for a user to get hold of a copy of the binary from
> elsewhere.
> - Ignoring.  (rpmlint bug?)

Using perms 755 would shut rpmlint up.

> > E: lvm2-cluster postin-without-ldconfig /usr/lib/
> > E: lvm2-cluster library-without-ldconfig-postun
> /usr/lib/
> OK: the packaging installation process doesn't run ldconfig automatically yet
> so it has to be included in every spec file that handles shared libraries.
> However, other packages look to have '%postun -p /sbin/ldconfig' and I've
> googled and searched the Fedora wiki and the new online book you mentioned, 
> but
> as usual, I can't find documentation for what I need to know, viz. what '-p'
> does and whether you're meant to use it if there are other commands to run in
> the same section.

The -p option specifies the script interpreter to use for the scriplet.
"%post -p /sbin/ldconfig" with an empty script is a standard idiom for running a
single program in the scriptlet without having to use a shell.

> For safety, opted for:
>   %post
>   /sbin/chkconfig --add clvmd
>   /sbin/ldconfig
>   %postun -p /sbin/ldconfig

That's correct usage,

> > E: lvm2-cluster non-standard-executable-perm
> /usr/lib/ 0555
> Puzzling: I thought linux wanted both the read and execute bits to be set
these days
> on shared objects, not just the read bit (which is all that's required at the
> level).
> - Ignoring.  (rpmlint bug?)

rpmlint is expecting mode 755 as per most other libs in /usr/lib

> > W: lvm2-cluster devel-file-in-non-devel-package 
> > /usr/lib/
> Seems overkill to create a lvm2-cluster-devel package containing just 
> one symlink?  I don't spot other packages with shared libraries doing 
> that.
> - Ignoring.

$ rpm -qlp xorg-x11-drv-i810-devel-1.6.0-4.i386.rpm

(that package should not be owning /usr/ilb)

> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/lvm-types.h ../lib/datastruct/lvm-types.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/log.h ../lib/log/log.h
> > W: lvm2-cluster-debuginfo dangling-relative-symlink
> /usr/src/debug/LVM2.2.02.06/include/list.h ../lib/datastruct/list.h
> I've never done anything with debuginfo packages before.
> Is this a bug in whatever bit of rpm generates them?


> I've installed the 'lvm2' debuginfo package, and it has a similar problem.
> I don't understand enough about how debuginfo packages are used to know 
> whether
> the problem is the symlink that shouldn't be there, or if it's the file at 
> the 
> end of it that shouldn't be missing.

I believe it's the latter.

> On Wed, Jun 14, 2006 at 02:27:07PM -0400, Jesse Keating wrote:
> > A standard executable should have permission set to 0755. If you get
> > this
> > message, it means that you have a wrong executable permissions in some
> > files
> > included in your package.
> Oh!  So it prefers the owner of the executable to have write permission.
> The file is owned by root so owner write is irrelevant, but it's better not
> to set it IMHO as that gives out the wrong message, suggesting it's a file
> other applications might want to modify: for example, editors will often warn 
> the file is read-only if you try to modify it even as root.
> I think that 'Error' from rpmlint should be downgraded to 'information', and
> it should be inverted - warning if the owner write bit is *set* on an
> executable.

Fair comment,

> The ones I mentioned in the email I'd already put into 
> lvm2-cluster-2_02_06-1_2.
> Probably still missing the requires for ldconfig though.

Perhaps. I can't see the spec file so I don't know.

Configure bugmail:
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Fedora-package-review mailing list

Reply via email to