| 1 |
Rich Freeman <rich0@g.o> wrote: |
| 2 |
> On Thu, Nov 17, 2016 at 3:07 PM, Ian Stakenvicius <axs@g.o> wrote: |
| 3 |
>> |
| 4 |
>> Realistically, software should ensure the directories it needs at |
| 5 |
>> runtime are created through their own code, but upstreams are lazy [...] |
| 6 |
> |
| 7 |
> This isn't really being lazy. This is just not re-inventing the |
| 8 |
> wheel. |
| 9 |
|
| 10 |
++ |
| 11 |
Conceptionally, it is also a question of efficiency and clean code |
| 12 |
separation: Why should several independent scripts of e.g. eix first |
| 13 |
care about directories (and force being run with root permissions...). |
| 14 |
More important, the latter is also a security topic: |
| 15 |
|
| 16 |
> or having |
| 17 |
> the program run as root, create directories, and then drop privs. |
| 18 |
|
| 19 |
eix had such code originally, but this required running quite a lot |
| 20 |
of code with root permissions, while now running everything with |
| 21 |
dropped permissions is possible. |
| 22 |
|
| 23 |
One could have written an init-script only to create the |
| 24 |
directories, but instead of providing such support for each |
| 25 |
init system separately, it is perhaps better to use the more |
| 26 |
standard "tmpfiles.d" |
| 27 |
|
| 28 |
>> In those cases, we'd need that rdepend. |
| 29 |
> |
| 30 |
> I tend to agree with this thinking. |
| 31 |
|
| 32 |
++ |
| 33 |
But the argument of Ian is correct: If the user has both |
| 34 |
systemd and openrc installed (and thus virtual/tmpfiles.d |
| 35 |
is satisfied) he would not understand why tmpfiles.d is |
| 36 |
not processed if he starts the system with openrc. |
Archives