[Slackbuilds-users] Package verification at SBo [was: apache-tomcat slackbuild silently changes /var/tmp permissions]

Heinz Wiesinger pprkut at slackbuilds.org
Sat Jan 14 10:41:14 UTC 2017


On Friday, 13 January 2017 23:20:07 CET Andrzej Telszewski wrote:
> On 13/01/17 14:53, Matteo Bernardini wrote:
> > 2017-01-13 14:40 GMT+01:00 Sebastien BALLET <slacker6896 at gmail.com>:
> >> Hello,
> >> 
> >> On a clean Slackware, /var/tmp permissions are set to 1777, but once
> >> apache-tomcat is installed, permissions are changed to 755 which can lead
> >> to issues. The attached patch fixes this issue.
> > 
> > thanks Sebastien, nice catch!
> > 
> > I just submitted it in my branch.
> 
> This raises question: aren't you admins using any kind of package
> checking tool?
> If not, would you be interested to have something?
> 
> If we came up with a list of requirements, I could cook something in C
> (or C++), using libarchive.
> 
> Then, the error like the one above would be easily caught.

I'm using lintpkg [1] to check all of my packages. It does have some 
permission checks, but not for /var/tmp, that's why it slipped through. Should 
be easy enough to add though.

Grs,
Heinz

[1] https://github.com/pprkut/lintpkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20170114/35655570/attachment.asc>


More information about the SlackBuilds-users mailing list