From: Dario Niedermann on
Joost Kremers <joostkremers(a)yahoo.com> wrote:

> as others have pointed out already, the issue is *not* related to
> installpkg. the issue is with the permissions set in the package
> itself.

The issue is that installpkg isn't smart enough to prevent a defective
package from screwing up the filesystem.

--
> head -n1 /etc/*-{version,release} && uname -moprs
Slackware 12.2.0
Linux 2.6.27.7-crrm i686 AMD Turion(tm) 64 Mobile Technology MK-36 GNU/Linux
From: Sylvain Robitaille on
Dario Niedermann wrote:

> Yes it should. It doesn't take a *lot* of intelligence, after all, to
> avoid touching permissions on directories that pre-exist the package
> installation.

Except that you're suggesting that installpkg should (somehow) override
tar's own behaviour. That's a lot more effort than fixing the real
problem (incorrect permissions set in the package) would be in the first
place.

> In that added functionality, there should also be provisions to avoid
> messing up the user's filesystems.

That would need to be a modification of how tar works, then. You might
want to submit that as a "bug" to the people developping GNU tar. Feel
free to let us know how well they respond ...

>>> Installpkg is the only package installer I've seen in my life that
>>> will do this.
>>
>> It doesn't do this.
>
> Yes it does.

It doesn't. But don't take my word for it. Installpkg is nothing more
than a shell script. You could read the script, then report back here
at which line(s) you believe the error to be where it alters the
permissions on system directories. In fact, since you seem to believe
it should be a simple fix, why don't you just post a patch?

>> You've told the package installer to install a broken package.
>
> No, I didn't tell it to "install a broken package".

Apparently you did. In fact, you even confirm it below.

> I told it to install a package.

The package was broken (or more correctly stated, "poorly created").
Installpkg did as you asked and installed it.

> As a result of the package being broken, instead of issuing an error
> or a warning, installpkg silently screwed up permissions.

It did nothing of the sort. Installpkg used tar to unpack the package.
The directory permissions contained in the tar file overrode those on
the file system, as is known behviour from tar.

--
----------------------------------------------------------------------
Sylvain Robitaille syl(a)encs.concordia.ca

Systems analyst / AITS Concordia University
Faculty of Engineering and Computer Science Montreal, Quebec, Canada
----------------------------------------------------------------------
From: Helmut Hullen on
Hallo, Dario,

Du meintest am 13.07.10:

>>> Installpkg is the only package installer I've seen in my life that
>>> will do this.

>> It doesn't do this.

> Yes it does.

No - it doesn't. It makes two jobs:
a) untar the tarball
b) (if exists) run /install/doinst.sh

It changes no right or ownership by its own, it only does things which
are somehow defined in the tarball.

If possible: please send me some of your homemade tarballs, and please
tell how you have invoked "<packetname>.SlackBuild".

>> You've told the package installer to install a broken package.

> No, I didn't tell it to "install a broken package". I told it to
> install a package. As a result of the package being broken, instead
> of issuing an error or a warning, installpkg silently screwed up
> permissions.

"installpkg" is not allowed to overwrite the rights and ownership of the
tarball. It's my job to check the contents, not the job of "installpkg".

Viele Gruesse
Helmut

"Ubuntu" - an African word, meaning "Slackware is too hard for me".

From: Helmut Hullen on
Hallo, Dario,

Du meintest am 13.07.10:

>> as others have pointed out already, the issue is *not* related to
>> installpkg. the issue is with the permissions set in the package
>> itself.

> The issue is that installpkg isn't smart enough to prevent a
> defective package from screwing up the filesystem.

If I want to install a packet via "installpkg" then "installpkg" has to
obey. I am the boss, not "installpkg".

Viele Gruesse
Helmut

"Ubuntu" - an African word, meaning "Slackware is too hard for me".

From: Dario Niedermann on
Sylvain Robitaille <syl(a)alcor.concordia.ca> wrote:

> Except that you're suggesting that installpkg should (somehow) override
> tar's own behaviour.

"Override" ? Do you even know how tar works?

How difficult is it to pass tar a sanitized list of arguments?


<more pointless tar blaming snipped>


--
> head -n1 /etc/*-{version,release} && uname -moprs
Slackware 12.2.0
Linux 2.6.27.7-crrm i686 AMD Turion(tm) 64 Mobile Technology MK-36 GNU/Linux