Proposal: amend the packaging guidelines for %fillup_only
Hi list, our packaging guidelines for %fillup_only [1] currently do not suggest anything for the %files section for the files generated in `/etc/sysconfig/`. I would like to suggest that we start adding the newly generated file `/etc/sysconfig/$pkgname` as follows to the %files section: --8<---------------cut here---------------start------------->8--- %files %ghost %config(noreplace) %attr(0600,root,root) /etc/sysconfig/%{name} %dir /etc/sysconfig --8<---------------cut here---------------end--------------->8--- This ensures that rpm is aware of the files as configuration files. Thoughts, opinions? Cheers, Dan Footnotes: [1] https://en.opensuse.org/openSUSE:Packaging_Conventions_RPM_Macros#%fillup_on... -- Dan Čermák <dcermak@suse.com> Software Engineer Development tools SUSE Software Solutions Germany GmbH Frankenstr. 146 90461 Nürnberg Germany www.suse.com Geschäftsführer: Ivo Totev, Andrew McDonald, Werner Knoblich (HRB 36809, AG Nürnberg)
Aaron Puchert <aaronpuchert@alice-dsl.net> writes:
Am 24.08.23 um 13:06 schrieb Dan Čermák via openSUSE Factory:
%files %ghost %config(noreplace) %attr(0600,root,root) /etc/sysconfig/%{name} %dir /etc/sysconfig
Not directly related, but all files in my /etc/sysconfig have mode 0644. Are you suggesting to change that?
Hm, I think we should leave the permissions up to the packager. There are packages where you might put sensitive data into the config file and hence having it world readable is not a good idea. For other packages it might be required. Cheers, Dan -- Dan Čermák <dcermak@suse.com> Software Engineer Development tools SUSE Software Solutions Germany GmbH Frankenstr. 146 90461 Nürnberg Germany www.suse.com Geschäftsführer: Ivo Totev, Andrew McDonald, Werner Knoblich (HRB 36809, AG Nürnberg)
Hello, Am Donnerstag, 24. August 2023, 13:06:24 CEST schrieb Dan Čermák:
our packaging guidelines for %fillup_only [1] currently do not suggest anything for the %files section for the files generated in `/etc/sysconfig/`. I would like to suggest that we start adding the newly generated file `/etc/sysconfig/$pkgname` as follows to the %files section: --8<---------------cut here---------------start------------->8--- %files %ghost %config(noreplace) %attr(0600,root,root) /etc/sysconfig/%{name}
Adding a %ghost is a good idea. Looking at Aaron's question, I'd propose to add a note that the packager can/should choose between 600 or 644 permissions. (But: I don't know if the permissions are relevant for %ghost at all.)
%dir /etc/sysconfig
/etc/sysconfig/ is part of the "filesystem" package, therefore I'd say there's no need to (also) package it in other packages. Regards, Christian Boltz PS: Bonus points if you grep ARCHIVES.gz for all packages that installl something in /usr/share/fillup-templates/, and send SRs to update their spec file ;-) -- I'm quite sure I can't answer all of the questions but I've certainly done all the mistakes ;) [Bengt Gördén in opensuse]
Am 24/08/2023 um 13:06 schrieb Dan Čermák:
Hi list,
our packaging guidelines for %fillup_only [1] currently do not suggest anything for the %files section for the files generated in `/etc/sysconfig/`. I would like to suggest that we start adding the newly generated file `/etc/sysconfig/$pkgname` as follows to the %files section: --8<---------------cut here---------------start------------->8--- %files %ghost %config(noreplace) %attr(0600,root,root) /etc/sysconfig/%{name} %dir /etc/sysconfig --8<---------------cut here---------------end--------------->8---
This ensures that rpm is aware of the files as configuration files.
Hmm, probably I'm doing something wrong. I tried it by adding %ghost %config(noreplace) %{_sysconfdir}/sysconfig/locate to the %files section and I got [ 19s] plocate.i586: E: filelist-forbidden-sysconfig (Badness: 10000) /etc/sysconfig/locate [ 19s] Please use %{_fillupdir}/sysconfig.<pkgname> and call %fillup_and_insserv for [ 19s] new sysconfig files. But a call to %{fillup_only} is already present in the %post section. Cheers, Manfred
Thoughts, opinions?
Cheers,
Dan
Footnotes: [1] https://en.opensuse.org/openSUSE:Packaging_Conventions_RPM_Macros#%fillup_on...
participants (4)
-
Aaron Puchert -
Christian Boltz -
Dan Čermák -
Manfred Schwarb