On Sun, Sep 13, 2009 at 10:13:46PM -0700, Russ Allbery wrote: > Aurelien Jarno <aure...@debian.org> writes: > > > The libc6 package ships a lintian override file, as the libc binaries to > > not behave the same as the other "normal" packages. With multiarch > > coming, it would be nice to at least do not have an architecture > > specific override file. For that lintian could at lest implement special > > casing for the following overrides: > > > | # ld.so must be executable, otherwise the system will not work > > | libc6: shlib-with-executable-bit lib/ld-2.10.1.so 0755 > > Will be fixed in the next release. > > > | # It is normal that the ELF dynamic linker does not need any other library > > | libc6: shared-lib-without-dependency-information ./lib/ld-2.10.1.so > > Looks like we already got this one a while back for /lib, but not for > /lib32 or /lib64. Added for the next release. > > > | # ldconfig must be executable even when the libc is not configured, and > > | # thus must be linked statically > > | libc6: statically-linked-binary ./sbin/ldconfig > > Will also be fixed in the next releaes. > > > | # pt_chown must be setuid root, otherwise non-root users won't be able > > | # to login > > | libc6: setuid-binary usr/lib/pt_chown 4755 root/root > > This one is a bit of a special case in that Lintian doesn't maintain any > list of binaries that are expected to be setuid. The idea here is that > the Lintian override is documentation that the package maintainer knows > the setuid binary is there and has audited it. (Well, I see that's not > entirely true since Lintian allows setuid binaries with -suid in the name > and ones that are linked against the console graphics library. I wonder > if we should remove those.)
Thanks for all of that, I am looking forward to the next version :) > BTW, while testing the modifications, I noticed that libc-bin doesn't > have a versioned dependency on libc6 and that's also producing a Lintian > error. I assume that's because libc6 depends on libc-bin. Should we add > an exception for that as well? > It's necessary because it chokes apt and aptitude from lenny to have a dependency loop (but dpkg is fine). I hope that sooner or later we can restore this dependency, so I think I'll put an override instead. Thanks, Aurelien -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
