[opensuse-packaging] Need help check on Veyon package before submiiting to openSUSE security team.
Hello, I build Veyon package with help form malcolmlewis. https://build.opensuse.org/package/show/home:andythe_great:branches:home:lru... The RPMLINT error show E: polkit-untracked-privilege which it suggest to ask security team about it. I just want to make sure the spec file is correct before submitting to them. Some thing I am not sure is Requires(post): permissions, should I use Requires(post) or Prereq: permissions? I could not fix position-independent-executable-suggested warning even if I add -fPIE flag to it. Kind Regards, Andy -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
30.05.2020 20:22, andythe_great пишет:
Hello,
I build Veyon package with help form malcolmlewis. https://build.opensuse.org/package/show/home:andythe_great:branches:home:lru...
The RPMLINT error show E: polkit-untracked-privilege which it suggest to ask security team about it.
I just want to make sure the spec file is correct before submitting to them.
Some thing I am not sure is Requires(post): permissions, should I use Requires(post) or Prereq: permissions?
PreReq is exactly the same as Requires. Requires guarantees that required package (more precisely - package providing required feature) will be installed before your package and will be removed after your package. Qualified variants (like Required(post)) provide hints to RPM when it computes installation/removal order. E.g. RPM will not consider Requires(preun/postun) when computing installation order or Requires(pre/post) when computing removal order. This may allow break loops in corner cases but I am not sure how useful it is on SUSE. For 2883 packages I have on TW installation there are 71 transactions with more than one package (2-3 packages each). So most packages are installed individually. And I do not see any relation between packages installed in single transaction. It is possible that zypper takes those hints in account when computing installation/removal order. I do not know.
I could not fix position-independent-executable-suggested warning even if I add -fPIE flag to it.
Kind Regards, Andy
-- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
I see, so it might not matter then. On Saturday, May 30, 2020 6:52 PM, Andrei Borzenkov <arvidjaar@gmail.com> wrote:
30.05.2020 20:22, andythe_great пишет:
PreReq is exactly the same as Requires.
Requires guarantees that required package (more precisely - package providing required feature) will be installed before your package and will be removed after your package.
Qualified variants (like Required(post)) provide hints to RPM when it computes installation/removal order. E.g. RPM will not consider Requires(preun/postun) when computing installation order or Requires(pre/post) when computing removal order.
This may allow break loops in corner cases but I am not sure how useful it is on SUSE. For 2883 packages I have on TW installation there are 71 transactions with more than one package (2-3 packages each). So most packages are installed individually. And I do not see any relation between packages installed in single transaction.
It is possible that zypper takes those hints in account when computing installation/removal order. I do not know.
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
participants (2)
-
Andrei Borzenkov -
andythe_great