On 6/21/2011 8:29 PM, Wichmann, Mats D wrote:
> > %post
> > /sbin/chkconfig --add meego-ux-mediafs if ! cat /etc/fuse.conf
| grep
> > -qw user_allow_other; then
> > echo "user_allow_other">> /etc/fuse.conf fi
>
> this I'm not so sure about...
> you add something, but never remove it
What requirement drives us to needing this option? Why would we
not want to
apply an access policy? We really want to give everyone a
privilege that
fuse by default only allows for root?
no the problem Arjan is complaining about is you have an install step
that adds to a file, but if the package is removed, you don't clean
out what got added. Unfortunately this tends to be a problem with
files that don't have a clean management method, if you just use shell
commands to append to a file, it's a little messy to clean it up.
Really these things ought to have some kind of an installer method to
add/remove entries, but well... we can dream.
actually it's both. Ryan is quite correct to need to verify and look
into the security consequences on this;
significant permissions are changed in this spec file, and at minimum
the security team needs to audit and approve these.
in addition, if we always need this we should just outright do this
correctly in the fuse package, not in this one.
_______________________________________________
MeeGo-packaging mailing list
[email protected]
http://lists.meego.com/listinfo/meego-packaging
