Quoting Michal Schmidt (2012-06-14 15:10:56) > On 06/14/2012 02:59 PM, Stanislav Ochotnicky wrote: > > +%triggerun -- jetty < 8.1.2-9 > > You already have one triggerun for jetty in the spec: > %triggerun -- jetty < 8.1.0-3 > > You're likely to hit this RPM bug: > https://bugzilla.redhat.com/show_bug.cgi?id=702378 > I guess this in itself solves the problem for us. We can't fix user systems properly ergo... > > +/bin/systemctl --no-reload disable jetty.service >/dev/null 2>&1 ||: > > +/bin/systemctl --no-reload stop jetty.service >/dev/null 2>&1 ||: > > > > This trigger will do following: > > If we are updating from previous releases, we disable the service and > > stop it if it's running > > I dislike this, because: > - You'd just break some users' systems for the sake of a different > subset of users. > - Some breakage during distribution upgrade is more tolerable than > breakage within regular updates. Well not anymore, I'll just describe it in the bodhi update. > Is a running jetty really _that_ dangerous? Why do we ship it at all > then? ;-) Why do we ship Apache, tomcat and tens (hundrets?) of other useful packages? Jetty unlike most packages _is_ remotely accessible so the attack surface is rather large. If you wrote that in a jest, then sorry but I don't take my mistake that could compromise security of Fedora's users that lightly. Bummer... -- Stanislav Ochotnicky <sochotnicky@xxxxxxxxxx> Software Engineer - Base Operating Systems Brno PGP: 7B087241 Red Hat Inc. http://cz.redhat.com -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
