On Fri, 2005-07-08 at 12:33 -1000, Warren Togami wrote: > Hi Spot, > > During FUDCON2 one of the TODO's I promised you was to send details > about package umask issues. This is only an issue for sysadmins when > they insist on using a system umask of 077 supposedly for some hardening > reason. Two kinds of packages then have problems: > > 1) Packages with unowned files or directories. This of course has an > obvious solution, simply own it. This is already covered in our > packaging guidelines. MUST right? > > 2) Packages which create unpackaged files in scriptlets like %post > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136030 > This is one example where this caused a problem. The quick and ugly > workaround is to explicitly set umask at the beginning of the scriptlet. > But the correct fix would be to make it so the software does not > create files in %post. The latter solution is not always trivial. > > Should we make #2 a SHOULD or MUST in guidelines? I'm inclined to add: MUST: Packages should not create files in %post. All files should be accounted for in %files. ~spot -- Tom "spot" Callaway: Red Hat Senior Sales Engineer || GPG ID: 93054260 Fedora Extras Steering Committee Member (RPM Standards and Practices) Aurora Linux Project Leader: http://auroralinux.org Lemurs, llamas, and sparcs, oh my!
