[Slackbuilds-users] Package verification at SBo [was: apache-tomcat slackbuild silently changes /var/tmp permissions]

Andrzej Telszewski atelszewski at gmail.com
Sun Jan 15 01:02:54 UTC 2017


On 14/01/17 11:41, Heinz Wiesinger wrote:
> On Friday, 13 January 2017 23:20:07 CET Andrzej Telszewski wrote:
>> On 13/01/17 14:53, Matteo Bernardini wrote:
>>> 2017-01-13 14:40 GMT+01:00 Sebastien BALLET <slacker6896 at gmail.com>:
>>>> Hello,
>>>>
>>>> On a clean Slackware, /var/tmp permissions are set to 1777, but once
>>>> apache-tomcat is installed, permissions are changed to 755 which can lead
>>>> to issues. The attached patch fixes this issue.
>>>
>>> thanks Sebastien, nice catch!
>>>
>>> I just submitted it in my branch.
>>
>> This raises question: aren't you admins using any kind of package
>> checking tool?
>> If not, would you be interested to have something?
>>
>> If we came up with a list of requirements, I could cook something in C
>> (or C++), using libarchive.
>>
>> Then, the error like the one above would be easily caught.
>
> I'm using lintpkg [1] to check all of my packages. It does have some
> permission checks, but not for /var/tmp, that's why it slipped through. Should
> be easy enough to add though.
>
> Grs,
> Heinz
>
> [1] https://github.com/pprkut/lintpkg

I had something like _lintpkg_ on my mind for some time.
It will probably happen one day that I will take the ideas from there 
and code it in C.

BTW, for you (admins) it would make sense to replace /sbin/makepkg with 
a wrapper that will first run the lint on not yet packaged directory, 
and then call the real makepkg.
This would save a bit of a time, especially on bigger stuff.
Well, maybe you're already doing this ;-)

-- 
Best regards,
Andrzej Telszewski


More information about the SlackBuilds-users mailing list