Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: lvm2-cluster https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191200 ------- Additional Comments From paul@xxxxxxxxxxxx 2006-06-16 06:28 EST ------- (In reply to comment #18) > > E: lvm2-cluster non-standard-executable-perm /usr/sbin/clvmd 0555 > > What's rpmlint complaining about? It's got the executable bits and it can't be > written to by a non-root user. Some would argue 0111 would be better, but this > is a distribution so there's little to gain from a security-by-obscurity > argument as it's trivial for a user to get hold of a copy of the binary from > elsewhere. > > - Ignoring. (rpmlint bug?) Using perms 755 would shut rpmlint up. > > E: lvm2-cluster postin-without-ldconfig /usr/lib/liblvm2clusterlock.so.2.02 > > E: lvm2-cluster library-without-ldconfig-postun > /usr/lib/liblvm2clusterlock.so.2.02 > > OK: the packaging installation process doesn't run ldconfig automatically yet > so it has to be included in every spec file that handles shared libraries. > > However, other packages look to have '%postun -p /sbin/ldconfig' and I've > googled and searched the Fedora wiki and the new online book you mentioned, but > as usual, I can't find documentation for what I need to know, viz. what '-p' > does and whether you're meant to use it if there are other commands to run in > the same section. The -p option specifies the script interpreter to use for the scriplet. "%post -p /sbin/ldconfig" with an empty script is a standard idiom for running a single program in the scriptlet without having to use a shell. > For safety, opted for: > %post > /sbin/chkconfig --add clvmd > /sbin/ldconfig > > %postun -p /sbin/ldconfig That's correct usage, > > E: lvm2-cluster non-standard-executable-perm > /usr/lib/liblvm2clusterlock.so.2.02 0555 > > Puzzling: I thought linux wanted both the read and execute bits to be set these days > on shared objects, not just the read bit (which is all that's required at the kernel > level). > > - Ignoring. (rpmlint bug?) rpmlint is expecting mode 755 as per most other libs in /usr/lib > > W: lvm2-cluster devel-file-in-non-devel-package /usr/lib/liblvm2clusterlock.so > > Seems overkill to create a lvm2-cluster-devel package containing just > one symlink? I don't spot other packages with shared libraries doing > that. > > - Ignoring. $ rpm -qlp xorg-x11-drv-i810-devel-1.6.0-4.i386.rpm /usr/lib /usr/lib/libI810XvMC.so (that package should not be owning /usr/ilb) > > W: lvm2-cluster-debuginfo dangling-relative-symlink > /usr/src/debug/LVM2.2.02.06/include/lvm-types.h ../lib/datastruct/lvm-types.h > > W: lvm2-cluster-debuginfo dangling-relative-symlink > /usr/src/debug/LVM2.2.02.06/include/log.h ../lib/log/log.h > > W: lvm2-cluster-debuginfo dangling-relative-symlink > /usr/src/debug/LVM2.2.02.06/include/list.h ../lib/datastruct/list.h > > I've never done anything with debuginfo packages before. > Is this a bug in whatever bit of rpm generates them? Yes. > I've installed the 'lvm2' debuginfo package, and it has a similar problem. > > I don't understand enough about how debuginfo packages are used to know whether > the problem is the symlink that shouldn't be there, or if it's the file at the > end of it that shouldn't be missing. I believe it's the latter. > On Wed, Jun 14, 2006 at 02:27:07PM -0400, Jesse Keating wrote: > > A standard executable should have permission set to 0755. If you get > > this > > message, it means that you have a wrong executable permissions in some > > files > > included in your package. > > Oh! So it prefers the owner of the executable to have write permission. > The file is owned by root so owner write is irrelevant, but it's better not > to set it IMHO as that gives out the wrong message, suggesting it's a file > other applications might want to modify: for example, editors will often warn > the file is read-only if you try to modify it even as root. > > I think that 'Error' from rpmlint should be downgraded to 'information', and > it should be inverted - warning if the owner write bit is *set* on an > executable. Fair comment, > The ones I mentioned in the email I'd already put into lvm2-cluster-2_02_06-1_2. > > Probably still missing the requires for ldconfig though. Perhaps. I can't see the spec file so I don't know. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review