I have banged around a bit further on the OpenPKG specfile I wrote for
Zope, but still can't figure out how to use %{l_rpmtool} to get the
ownership / attributes set properly for the "data" directory.

 - Because Zope runs as a daemon, the "restricted" user needs to be
   able to create and modify files in that directory (currently,
   'var/zope/default/var', where 'default' is the name of the server
   instance).

 - Because potentially sensitive information lives in that directory,
   *only* the restricted user should be able to read / write files
   there.

Ergo, I need that directory to be owner 'cw-r', group 'cw-r', mode 0700.

I have tried emulating several other packages:

  postgresql (note that its daemon breaks in the same way as Zope;
  the restricted user can't write into the data directory)::

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r %{l_files_std} \
        '%attr(700,%{l_rusr},%{l_rgrp}) %dir %{l_prefix}/var/zope/default/var'

  squid (no %dir)::

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r %{l_files_std} \
        '%attr(700,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/zope/default/var'
 

In neither case does the var directory get set to be owned by the
restricted user.

Any clues?  Once this is worked out, I think Zope would be a candidate
for moving out of "JUNK" status;  I will also be able to package the
ZEO storage server stuff.

Tres.
-- 
===============================================================
Tres Seaver                                [EMAIL PROTECTED]
Zope Corporation      "Zope Dealers"       http://www.zope.com


______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
Developer Communication List                   [EMAIL PROTECTED]
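
Added example, not part of the original message and not OpenPKG code: a post-install check that compares the actual owner, group and mode of the data directory with the values the message requires (owner 'cw-r', group 'cw-r', mode 0700) and reports each deviation. The function name `check_datadir` is hypothetical, and GNU `stat -c` is assumed (BSD `stat` uses `-f` with different format letters).

```shell
#!/bin/sh
# Added example: verify owner, group and mode of a daemon's data directory.
# Usage (the prefix is whatever the OpenPKG instance uses; an assumption here):
#   sh check_datadir.sh "$PREFIX/var/zope/default/var" cw-r cw-r 700

# check_datadir DIR USER GROUP MODE
# Prints one line per deviation. Returns 0 if everything matches,
# 1 on an ownership or mode mismatch, 2 if DIR is unusable.
check_datadir() {
    dir=$1; want_user=$2; want_group=$3; want_mode=$4

    # A symlink could point the daemon at a directory someone else owns,
    # so require a real directory rather than following the link.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a real directory"
        return 2
    fi

    # %U = owner name, %G = group name, %a = octal mode without leading 0
    got=$(stat -c '%U %G %a' "$dir") || return 2
    user=${got%% *}; rest=${got#* }
    group=${rest%% *}; mode=${rest#* }

    rc=0
    if [ "$user" != "$want_user" ]; then
        echo "FAIL: $dir owner is $user, expected $want_user"; rc=1
    fi
    if [ "$group" != "$want_group" ]; then
        echo "FAIL: $dir group is $group, expected $want_group"; rc=1
    fi
    if [ "$mode" != "$want_mode" ]; then
        echo "FAIL: $dir mode is $mode, expected $want_mode"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $dir is $user:$group mode $mode"
    return "$rc"
}

# Run the check only when called with the four arguments.
if [ "$#" -eq 4 ]; then
    check_datadir "$@"
fi
```

Run after installing the package: a FAIL on owner or group means the `%attr` entry did not reach the final file list.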