On Sun, 23 Mar 2008 02:01:43 -0400, Dimi Paun wrote: > > On Sun, 2008-03-23 at 00:30 -0400, Tom Lane wrote: > > > > Expecting specfiles to rm -rf the buildroot is just as stupid. The default %install and %clean sections could do that and could be removed from .spec files. Especially for the very useful --short-circuit builds it is a necessity to clear the buildroot at the beginning of %install, so not doing it is a mistake. Always. > Thank you Tom! > > It is such a nasty violation of basic encapsulation that > should offend any hacker's sense of good, right and pretty. > > It is quite remarkable how such a ugly wart can survive for > so long in an environment of highly technical people with > a passion for what they do... :) > > And it's not just ugly, but just incredibly dangerous. Old > timers might remember how this idiotic > rm -rf $BUILDROOT > business would result in a > rm -rf / > when you'd build a .rpm as root. > > I got bit by it, and it hurt. Badly. Oh, interesting, then you're one of the very few who really ran into it. It was mostly a theoretical problem, because users had to define %buildroot themselves to get "rm -rf /" and also build as root. Later, when packagers defined "BuildRoot: /tmp" and similar in the spec files and tried to catch buildroot=='/', I met someone who managed to run into "rm -rf //" due to an incorrectly expanded value. But it triggered a bug elsewhere and didn't damage anything. Even when RPM disallowed '/' as a buildroot, some people, who have never been hit by it before, insisted on adding "safety-checks" to spec files. Sometimes old cruft is hard to get rid of. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
