> "Mike A. Harris" wrote:
> > Because I have done so for several years with no problems until
> > last week when I had a "rpm --rebuild" delete several
> > subdirectories on my filesystem during "%clean" stage.  RPM
> > should IMHO do anything it does in a chroot()'d jail.  Making a
> > user called "rpm" and setting up rpm to build packages as that
> > user, is much safer, ESPECIALLY when constructing and debugging
> > your own packages.
> > 
> > So, yes.  Security, and safety.  _Even_ if you trust the
> > sources.  It is easy to make a mistake in a spec file and kiss
> > everything goodbye.
> 
> When building as a regular user, how do you get the packages to install
> files owned by root?
> 
> When I first started building packages I did it as root, then I found
> out that if I "chown ivanj: -R /usr/src/redhat" I could build as ivanj
> without any problems (AFAIK), until one day someone else installed one
> of my packages. Then I noticed that the files it was installing were
> owned by ivanj. (they didn't have a user ivanj, so it said "ivanj: no
> such user", or something like that) Then I started building as root
> again.
> 
> Is this solved in newer versions of rpm, or should I give rpm some other
> parameters? (other than "-bb <package>")

To build as root, you should create ~/.rpmmacros containing something like 
this:
[summer@possum summer]$ cat .rpmmacros
%buildroot  /tmp/BuildRPM/B%{name}
%_topdir /u02/summer/redhat
%_rpmdir /u02/summer/redhat/RPMS6
%_rpmdir /u02/summer/redhat/RPMS%{_host}
%_builddir  /tmp/BuildRPM
%_arch         i386
%_target       i586
%_target_cpu    i586
[summer@possum summer]$

To set post-install file ownerships, you have something like this in your 
specs:
[summer@possum summer]$ grep defa redhat/SPECS/a*c
redhat/SPECS/abiword.spec:%defattr(-,root,root)
redhat/SPECS/ant-1.0.8.spec:%defattr(644 root root 755)
[summer@possum summer]$
  
I prefer the one in abiword; it used the mode values set by the installer.

For more information, read some specs. Eric Raymond's fetchmail is a good 
example; it's been trouble-free for ages.

Also read /usr/doc/rpm-*/*





_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list
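
The %defattr advice in the reply above can be checked mechanically before a package is built as an unprivileged user. This is an added example, not part of the original message or of rpm itself; the function names check_defattr and make_samples, the package name "demo" and both sample specs are constructed for illustration.

```shell
# Added example (not from the thread): lint a spec for %files sections that
# list entries before any %defattr, so a non-root build cannot ship builder-owned files.

# check_defattr SPEC: print one line per offending section; return 1 if any.
check_defattr() {
    awk '
        # Any other section header ends the current %files section.
        $1 ~ /^%(description|package|prep|build|install|check|clean|pre|post|preun|postun|changelog)$/ { in_files = 0; next }
        $1 == "%files"     { in_files = 1; seen = 0; start = FNR; next }
        !in_files || seen  { next }
        NF == 0 || $1 ~ /^(#|%if|%else|%endif)/ { next }  # blanks, comments, conditionals
        $1 ~ /^%defattr\(/ { seen = 1; next }
        {   # first real entry arrived with no %defattr in front of it
            printf "%s:%d: \"%s\" listed before any %%defattr\n", FILENAME, start, $0
            seen = 1; bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# make_samples DIR: write two constructed specs (hypothetical package "demo").
make_samples() {
    cat > "$1/good.spec" <<'EOF'
Name: demo
%description
Constructed sample.
%files
%defattr(-,root,root)
/usr/bin/demo
EOF
    cat > "$1/bad.spec" <<'EOF'
Name: demo
%description
Constructed sample.
%files
/usr/bin/demo
%files devel
# headers
%defattr(644 root root 755)
/usr/include/demo.h
EOF
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
check_defattr "$demo_dir/good.spec" && echo "good.spec: ok"
check_defattr "$demo_dir/bad.spec" || echo "bad.spec: fix before building as a non-root user"
rm -rf "$demo_dir"
```

The reported line number is that of the %files header, so the fix is to add a %defattr line directly beneath it.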