When %_minimize_io is enabled, we determine unchanged files during fingerprinting and only update their metadata (FA_TOUCH) instead of always recreating from scratch (FA_CREATE) during install. However package scriptlets (and administrators) can and will do arbitrary stuff in the meanwhile, such as rm -f their own files in %pre, hoping to get a fresh copy of contents no matter what. Or something. Now, if the file was determined to not need changing by rpm, this will just fail with chown & friends trying to touch non-existent file. One can consider this a case of package shooting itself in the foot, but when a package update fails or succeeds depending on %_minimize_io this to me suggests the feature is at fault as much as the package.
Do fsmVerify() on all files to be FA_TOUCH'ed to detect files whose type changed or were removed since fingerprinting. This still doesn't ensure correctness if something tampers with the contents in the meanwhile, (for that we'd need to run the file through the whole machinery again, checksumming and all) but covers the most glaring cases. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1347 -- Commit Summary -- * Upgrade FA_TOUCH to FA_CREATE if the file went away (RhBug:1872141) -- File Changes -- M lib/fsm.c (15) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1347.patch https://github.com/rpm-software-management/rpm/pull/1347.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1347
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint