-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stepan Kasal wrote: > Hello, > > On Thu, Aug 23, 2007 at 09:11:10AM -0700, Toshio Kuratomi wrote: >> New clarified language. Packaging Guidelines: >> ''' >> In general, your package should own all of the directories that it >> creates but the situation is more complex than in the case of files >> because many packages put files into the same directories. > > the second half of the sentence really confuses me. > I suggest to put period after "creates". > >> The rule of >> thumb is that your package should own all of the directories it creates > > repeated again? > >> except those owned by packages which your package depends on. > > ok > >> *However, there are times when you should own more than this.* > > Again, this puzzles me. I would say: > "In certain situations, a directory may be owned by two packages. > Typically, more than one package has files in a common directory, but > none of them requires another of them--in that case, each of them > shall own the directory." > >> If the directory >> hierarchy your package is located in may change due to updates of >> packages you depend on, then you need to take care to own those pieces >> of the hierarchy. > > This might be correct, but I'm not able to decipher it; perhaps I > have not encountered such a situation yet. > >> [snip examples] >> >> In any case, there should never be any unowned directories after a >> package is uninstalled from the system. > > Again, I would rephrase. Something like: > "In any case, a system may never contain a file owned by an installed > package whoch would lay below an unowned directory. > (That's because such a directory would remain on the system after the > corresponding package has been removed.)" I didn't want to tear up the existing guidelines more than necessary. But I agree that the wording leaves something to be desired. How about: ''' Directory ownership is a little more complex than file ownership. Although the rule of thumb is the same: own all the directories you create but none of the directories of packages you depend on, there are several instances where it's desirable for multiple packages to own a directory. Examples of this are: 1) The package you depend on to provide a directory may choose to own a different directory in a later version and your package will run unmodified with that later version. [perl module example here] 2) Multiple packages have files in a common directory but none of them requires others. [hierarchy example here] In all cases we are guarding against unowned directories being present on a system. Unowned directories are affected by the umask of the user installing the package and thus can be a security risk or lead to packages which won't run. ''' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFGzct8X6yAic2E7kgRAqC3AJ9GPui1N01ZhbfkK1UpQ9apCMnzeQCeL57r 5HQXjwmWXl4xJgt224Vci+I= =3ygx -----END PGP SIGNATURE----- -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
