Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: clement-2.1 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=176253 ------- Additional Comments From j.w.r.degoede@xxxxxx 2006-08-14 03:40 EST ------- (In reply to comment #16) > I think datadir is not a problem, I need to double check with the PHP person, > should be fixed in the next version. > > clement is not 'setuid' but must be root open < 1024 port. > such the Clement daemon is started as root and clement take > the application ownership to become a standard user mail > to avoid the have a daemon with root priviledge open on the > (wild) outside. I understand, but then the %{_usr}/bin/%{name} file doesn't have the be owned by mail.mail and could be just root.root, right? My real question al allong has been why is %{_usr}/bin/%{name} owned by mail.mail? > I would rather have a "clement" username but > rpmlint seems to be rather reluctant to 'give/declare' new > username. > Thats possible, add the following lines (at the appropiate places): Requires(pre): /usr/sbin/useradd, /usr/sbin/groupadd %pre /usr/sbin/groupadd -r clement 2> /dev/null || : /usr/sbin/useradd -s /sbin/nologin -M -d / -c "Clement daemon" -r -g clement \ clement 2> /dev/null || : And then you can use %attr (-,clement,clement) in %files. You will ofcourse also need to patch the daemon to drop its root rights to the user clement instead of mail. This might generatre some rpmlint warnings but these may be ignored. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review