Yup. Note "ideally" in there - this is stuff to explore with, and indeed for
packaging hygiene reasons rather than any "security" thing.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3050#issuecomment-2065908096
> %install should run with a read-only build directory
I don't think this is going to work. E.g. autotoolz-based systems (something in
the autotools, automake, libconf stack) do final preparation steps in the
install target. I think this is inelegant, but not really "wrong". Old meson
versions
Ideally, the build scriptlets would be isolated from each other:
- %prep unpacks the source, and %build takes place in a separate directory
against a read-only source. Obviously not all software can be built outside the
source tree, but this would be a nice addon to vpath builds (#2985)
- %insta