From: Dario Niedermann on 15 Jul 2010 12:26 Jim Diamond <Jim.Diamond(a)deletethis.AcadiaU.ca> wrote: > As others have pointed out, this would make it more difficult for > packages to modify directory perms when there is a valid reason to do > so. It is not clear to me that this is a win-win. The package installer should never alter permissions on pre-existing directories, because this could break software that's already installed and working. Just think of the trainwreck it could potentially cause on a production system. >> Scripts are a whole different issue. I don't think there's a realistic >> way for the package installer to ensure they won't wreak havoc. > > So really there is no way for installpkg to guard against broken > packages, in general. Scripts should have to be designed (or mis-designed) to cause damage, though. Which wouldn't be likely if you get them from a reputable source. -- > head -n1 /etc/*-{version,release} && uname -moprs Slackware 12.2.0 Linux 2.6.27.31-smp i686 AMD Turion(tm) 64 Mobile Technology MK-36 GNU/Linux
From: +Alan Hicks+ on 15 Jul 2010 14:00 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2010-07-14, Dario Niedermann <M8R-cthw2f(a)spamherelots.com> wrote: > The point is, what should a well-written package installer do with a > broken package? Should it happily mess permissions up on system > directories as installpkg does? What exactly constituted a broken package? Sure, *you* might not want / 700, but some one out there conceivably might. You might not want /usr/bin set root:bin 750, but some one out there might. pkgtools is a very flexible set of scripts that does exactly what they are told. That is a feature, not a bug. If you tell it to do things that you don't like, then you are at fault, not pkgtools. In toher words, just because *you* consider a package to be broken doesn't mean it isn't 100% what some one else intends. Asking pkgtools to do what you want and not what some one else might want is narcissistic. - -- It is better to hear the rebuke of the wise, Than for a man to hear the song of fools. Ecclesiastes 7:5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkw/TMYACgkQDyaEVbMHxsYDrwCgnnUJKgTF/3vksi/NjRmNR92c uH0AmgNcScATgbUqtxLrDlyYdvmbfNUl =4+m2 -----END PGP SIGNATURE-----
From: +Alan Hicks+ on 15 Jul 2010 14:50 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2010-07-14, Keith Keller <kkeller-usenet(a)wombat.san-francisco.ca.us> wrote: >> For one thing I'm running 12.2. Secondly, too many bozos > > The BOZO list is back!!!!!!!~ Hide the goat! I seen it too. Hot damn but I picked a good time to return! :^) - -- It is better to hear the rebuke of the wise, Than for a man to hear the song of fools. Ecclesiastes 7:5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkw/WJAACgkQDyaEVbMHxsaFkACaA3mwlcF44Je+RtU5Wl10D2+T 3k4An3WB33zCkwQnVIHimvqZcgx4Y48x =oFuJ -----END PGP SIGNATURE-----
From: William Hunt on 15 Jul 2010 17:11 On Thu, 15 Jul 2010, Dario Niedermann wrote: > Jim Diamond <Jim.Diamond(a)deletethis.AcadiaU.ca> wrote: [...] >> So really there is no way for installpkg to guard against broken >> packages, in general. > > Scripts should have to be designed (or mis-designed) to cause damage, > though. Which wouldn't be likely if you get them from a reputable > source. Wouldn't then your complaint be with your reputable source, not installpkg ? also, besides malicious or 'mis-designed' scripts, there also exist poorly-implemented scripts and scripts with typographical errors, as well as Q+D solutions to immediate problems, scripts whose goals do not include your case. There's a lot of gray area. Deal with it. There are reasons that third-party packages are third-party, and not found on slackware.com. PS. re: your borked third-party package, note that if one correctly re-built the package, and then re-installed it, it would most likely fix all of the ownerships, perms, etc, borked on the first install. -- William Hunt, Portland Oregon USA
From: Dario Niedermann on 15 Jul 2010 17:46
Jerry Peters <jerry(a)example.invalid> wrote: > No, I *have* read the entire thread If that is the case, your reading comprehension skills really suck. -- > head -n1 /etc/*-{version,release} && uname -moprs Slackware 12.2.0 Linux 2.6.27.31-smp i686 AMD Turion(tm) 64 Mobile Technology MK-36 GNU/Linux |