Re: RPM Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

 On 10/03/2010 11:07 AM, Cédric Girard wrote:

On Sun, Oct 3, 2010 at 6:00 PM, Lew Wolfgang<wolfgang@xxxxxxxxxxxxxxx>wrote:


  On 10/02/2010 06:10 PM, Steven Susbauer wrote:


On 10/2/2010 7:41 PM, Lew Wolfgang wrote:


It works on all the major distros but fails to install
on Arch due to an RPM dependency. Their install script just fails saying
it can't find rpm. The script contains much ugliness and is McAfee
proprietary, so I doubt hacking it will be productive.

So the question is: can Arch be configured/tricked into an rpm install?


Does their installer actually require use rpm to install, or just wants
rpm to be there? Most distros allow you to install rpm, Arch is no different
except it is in aur:

aur/rpm 5.2.1-1 (153)
    The RedHat Package Manager.  Don't use it instead of Arch's 'pacman'.

If it actually uses rpm for the process, this is probably not the
solution. Two package managers at once is not a good thing.


I spent some time last night pulling the .sh file apart.  It's a script
that unzips a binary that unpacks two rpm files (9-MB), one 32-bit ELF
program (8.9-MB), two cryptographic keys and an xml file.  The script then
calls rpm to install the two rpm files, which contain tons of 32-bit system
libraries.  These libraries have the same names as regular system libs, like
libc, libm, libresolv and libcrypt.  This all makes me very nervous!  Arch
not using rpm may be a blessing in disguise, I'm going to see if I can get a
waiver to not install this McAfee root-kit.

Thanks for the help,
Lew



Can't you try to install only the program itself without these libraries ?
The libraries could be installable using pacman.
It installs a whole hierarchy in /opt, which is where its many libraries end up. It also has its own ldconfig, so it looks like it sets up its own insular runtime environment. It installs hooks in /etc/init.d for boot-time starting. Since this is a security package, I wouldn't be surprised if it did some kind of a trip-wire process to thwart tampering. It certainly uses pki keys to communicate with its "mother ship". As you can probably see, I'm trying to talk myself out of working on this too much. I could also try making a tarball of /opt/McAfee on a RPM-ed host where the package successfully installed itself, then port the start script to /etc/rc.d. I'm thinking my time might be better spend on getting a waiver for not installing the mess. 

Thanks for the suggestion, Cédric

Regards,
Lew
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux