Hi, houghi schrieb: > Would `yast -i /tmp/file.rpm` solve that? I asume only after a createrepo > (or something similar)
No, "yast -i filename.rpm" is equivalent to "rpm -U --nodeps --force filename.rpm". "createrepo" followed by "yast -i packagename" would work, but it's insecure (YaST could install the wrong package if a different installation source contains a newer version of the same package - remember that newer is not always better). Side note: The current, broken situation in 10.1 is even more insecure because it can install an _old_ version if that incidentally exists in one of the working installation sources. > About /usr/src/packages/RPMS being writable by default. That is indeed a > much more serious issue. You can not then use that as a default. Is there > a reason that it is writabel for all? The permissions of /usr/src/packages are handled by the permissions system, i.e. /etc/permissions.*. You can change the permissions settings in /etc/sysconfig/security. Run "SuSEconfig --module permissions" afterwards. I don't know whether this default is really a security problem, but making it writable by root only means that only root can build RPMs unless the user sets %_topdir in his ~/.rpmmacros file. Changing that would doing things like creating ATI driver RPMs a tiny little bit longer because the user would have to perform one additional step (create ~/.rpmmacros or, much worse, do it as root). Not a severe problem, but it would have to be documented. Andreas Hanke --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
