https://bugzilla.redhat.com/show_bug.cgi?id=977646 Need Real Name <lenz@xxxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lenz@xxxxxxxxxxx --- Comment #4 from Need Real Name <lenz@xxxxxxxxxxx> --- Hi, thanks for the review and for looking into including mylvmbackup in your distribution. (In reply to Marcin.Dulak from comment #3) > (In reply to Christopher Meng from comment #2) > > 1) These 3 pm files are scripts, is it ok to put them under /etc? > > are they actually used, or only provided as examples of hooks? These are just examples (empty templates), a user can either edit or replace them with actual scripts. > If they are just examples then let's store them under docs, e.g: > %doc hooks I'm fine with that. > and we don't need to change hooksdir=/etc/mylvmbackup/hooks in > /etc/mylvmbackup.conf How about changing hooksdir to /usr/share/mylvmbackup instead and adding this empty directory to the spec file (in addition to putting the hooks in the docs directory? This might be a more appropriate place than /etc/ > If they are necessary for mylvmbackup then it's OK to have such files under > /etc > (there are already several executables there: find /etc -perm 755 -type f), > my suggestion is as in comment #1 They are not necessary, these hooks can be used to implement additional functionality as needed. We just need to ensure that RPM does not mangle any of these hooks in case the user has modified them. > > 2) /etc/mylvmbackup.conf has permision 0600L because it contains the MySQL > > root user's password. I don't think we want to expose that to any user on > > the system. > > > > 3) I will pull in mariadb-server instead of -libs because this is a script > > for backup, not just need a file. In order to backup database we need to > > have a running databases. > > OK, mariadb-server pulls mariadb-libs as dependency > What about EL6: mysql-server? > I guess having mylvmbackup in EPEL is more interesting than Fedora. Define "interesting" :) I think it would make sense having in both, but I'll continue to provide my own RPM builds from the SUSE build service as well. > > I know the problem, and I think upstream should create a new feature that > > reading such information from a file instead of script itself, right? > > There is a "--password=string" option to mylvmbackup, but that > just moves sensitive data to a script that calls it, > instead of having it in /etc/mylvmbackup.conf > Encryption would be desirable here. There are other options how a MySQL client like mylvmbackup can store the password - http://dev.mysql.com/doc/refman/5.6/en/password-security-user.html provides alternative options to storing it in the configuration file. This is mentioned in the mylvmbackup man page as well. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=mCjWHdDU95&a=cc_unsubscribe _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review