| 1 |
Yesterday we upgraded net-libs/nss_ldap/nss_ldap-207.ebuild to |
| 2 |
net-libs/nss_ldap/nss_ldap-207-r1.ebuild and encountered an IMO fatal |
| 3 |
error concerning writing into /etc *without* respecting the protection |
| 4 |
of conf-files. |
| 5 |
|
| 6 |
The relevant lines from src_install() of the different ebuilds are: |
| 7 |
|
| 8 |
nss_ldap-202.ebuild: |
| 9 |
dosym /etc/openldap/ldap.conf /etc/ldap.conf |
| 10 |
(That's ok) |
| 11 |
|
| 12 |
nss_ldap-207.ebuild: |
| 13 |
insinto /etc/openldap |
| 14 |
doins ldap.conf |
| 15 |
dosym /etc/openldap/ldap.conf /etc/ldap.conf |
| 16 |
(That's ok) |
| 17 |
|
| 18 |
Until here /etc/ldap.conf was a symlink which was created or maintained |
| 19 |
also by at least one other package (openldap itself), but |
| 20 |
|
| 21 |
nss_ldap-207-r1.ebuild changed it totally: |
| 22 |
insinto /etc |
| 23 |
doins ldap.conf |
| 24 |
|
| 25 |
So the symlink was overwritten with the vanilla configuration what - in |
| 26 |
our case - caused several applications which depend on ldap to not work |
| 27 |
properly any longer. That was really bad. |
| 28 |
|
| 29 |
How can one prevent such an IMO unacceptable behavior of overwriting |
| 30 |
config-files which are symlinks? Should this be seen as bug in |
| 31 |
gentoo/emerge? |
| 32 |
|
| 33 |
Have the changes described above to be reported as bug in nss_ldap? |
| 34 |
|
| 35 |
How can we ensure the integrity of conf-files used by more than one |
| 36 |
package when different packages use different locations for the *same* |
| 37 |
configuration (a bad thing anyway)? |
| 38 |
|
| 39 |
Martin |
| 40 |
|
| 41 |
-- |
| 42 |
gentoo-dev@g.o mailing list |
Archives