1 |
Yesterday we upgraded net-libs/nss_ldap/nss_ldap-207.ebuild to |
2 |
net-libs/nss_ldap/nss_ldap-207-r1.ebuild and encountered an IMO fatal |
3 |
error concerning writing into /etc *without* respecting the protection |
4 |
of conf-files. |
5 |
|
6 |
The relevant lines from src_install() of the different ebuilds are: |
7 |
|
8 |
nss_ldap-202.ebuild: |
9 |
dosym /etc/openldap/ldap.conf /etc/ldap.conf |
10 |
(That's ok) |
11 |
|
12 |
nss_ldap-207.ebuild: |
13 |
insinto /etc/openldap |
14 |
doins ldap.conf |
15 |
dosym /etc/openldap/ldap.conf /etc/ldap.conf |
16 |
(That's ok) |
17 |
|
18 |
Until here /etc/ldap.conf was a symlink which was created or maintained |
19 |
also by at least one other package (openldap itself), but |
20 |
|
21 |
nss_ldap-207-r1.ebuild changed it totally: |
22 |
insinto /etc |
23 |
doins ldap.conf |
24 |
|
25 |
So the symlink was overwritten with the vanilla configuration what - in |
26 |
our case - caused several applications which depend on ldap to not work |
27 |
properly any longer. That was really bad. |
28 |
|
29 |
How can one prevent such an IMO unacceptable behavior of overwriting |
30 |
config-files which are symlinks? Should this be seen as bug in |
31 |
gentoo/emerge? |
32 |
|
33 |
Have the changes described above to be reported as bug in nss_ldap? |
34 |
|
35 |
How can we ensure the integrity of conf-files used by more than one |
36 |
package when different packages use different locations for the *same* |
37 |
configuration (a bad thing anyway)? |
38 |
|
39 |
Martin |
40 |
|
41 |
-- |
42 |
gentoo-dev@g.o mailing list |