installpkg messing up perms
in [Slackware]
|
From: Keith Keller on 13 Jul 2010 14:43 On 2010-07-13, Dario Niedermann <M8R-cthw2f(a)spamherelots.com> wrote: > > "Override" ? Do you even know how tar works? > > How difficult is it to pass tar a sanitized list of arguments? If you have a patch for installpkg, that actually works correctly, feel free to post it and/or report it to Pat. <more pointless blaming of everything except the package snipped> --keith -- kkeller-usenet(a)wombat.san-francisco.ca.us (try just my userid to email me) AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt see X- headers for PGP signature information
From: Henrik Carlqvist on 13 Jul 2010 15:01 Dario Niedermann <M8R-cthw2f(a)spamherelots.com> wrote: > The issue is that installpkg isn't smart enough to prevent a defective > package from screwing up the filesystem. That is correct, it is also not a bug but a feature. It is possible and sometimes also exactly what you want to: 1) create a package that tightens up permissions on files and directory trees even if some of those files or directory trees already exist. 2) create a package containing a install script which removes, renames or changes permissions of important files and directoris. Would you really want installpkg to lose those important features? If your answer is yes to that question, how do you think installpkg would decide what is good and what is bad? Is it ok to remove files? Is it ok to add files or directories to the / directory? Would it be ok to change the permission of some directories but not others? When you are using installpkg you are doing things as root. As the root user you have the power to really mess up your system. You should not install packages that you don't trust and you should not run binaries from unknown sources, especially not as root. If you as root type "rm -rf /" you will mess up your system totally. If you as root install a package that has the above command in its install script you will also mess up your system totally. In such a case it is not fair to blame installpkg for the state of your system. regards Henrik -- The address in the header is only to prevent spam. My real address is: hc3(at)poolhem.se Examples of addresses which go to spammers: root(a)localhost postmaster(a)localhost
From: Dario Niedermann on 13 Jul 2010 15:07 Keith Keller <kkeller-usenet(a)wombat.san-francisco.ca.us> wrote: > If you have a patch for installpkg, that actually works correctly, > feel free to post it and/or report it to Pat. Why should I submit a patch if everyone thinks that installpkg works so great? <false snip snipped> -- > head -n1 /etc/*-{version,release} && uname -moprs Slackware 12.2.0 Linux 2.6.27.7-crrm i686 AMD Turion(tm) 64 Mobile Technology MK-36 GNU/Linux
From: Sylvain Robitaille on 13 Jul 2010 15:08 Dario Niedermann wrote: > "Override" ? Re-read what you wrote and tell us again that you weren't suggesting that. > Do you even know how tar works? Yes. Do you? Go back through the history of this thread and review what you've written. > How difficult is it to pass tar a sanitized list of arguments? I'll leave it to you to figure out why installpkg calls tar with the argument to preserve file ownerships and permissions when it unpacks the package. > <more pointless tar blaming snipped> I wasn't blaming tar; I was blaming your package, and it most certainly was not pointless. Your package is broken, not installpkg. -- ---------------------------------------------------------------------- Sylvain Robitaille syl(a)encs.concordia.ca Systems analyst / AITS Concordia University Faculty of Engineering and Computer Science Montreal, Quebec, Canada ----------------------------------------------------------------------
From: Sylvain Robitaille on 13 Jul 2010 15:10
Dario Niedermann wrote: > Why should I submit a patch if everyone thinks that installpkg works > so great? You're the one claiming installpkg is broken. If indeed it is, and you have a fix, let's see it. -- ---------------------------------------------------------------------- Sylvain Robitaille syl(a)encs.concordia.ca Systems analyst / AITS Concordia University Faculty of Engineering and Computer Science Montreal, Quebec, Canada ---------------------------------------------------------------------- |