-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stepan Kasal wrote:
Hello,
On Thu, Aug 23, 2007 at 09:11:10AM -0700, Toshio Kuratomi wrote:
> New clarified language. Packaging Guidelines:
> '''
> In general, your package should own all of the directories that it
> creates but the situation is more complex than in the case of files
> because many packages put files into the same directories.
the second half of the sentence really confuses me.
I suggest to put period after "creates".
> The rule of
> thumb is that your package should own all of the directories it creates
repeated again?
> except those owned by packages which your package depends on.
ok
> *However, there are times when you should own more than this.*
Again, this puzzles me. I would say:
"In certain situations, a directory may be owned by two packages.
Typically, more than one package has files in a common directory, but
none of them requires another of them--in that case, each of them
shall own the directory."
> If the directory
> hierarchy your package is located in may change due to updates of
> packages you depend on, then you need to take care to own those pieces
> of the hierarchy.
This might be correct, but I'm not able to decipher it; perhaps I
have not encountered such a situation yet.
> [snip examples]
>
> In any case, there should never be any unowned directories after a
> package is uninstalled from the system.
Again, I would rephrase. Something like:
"In any case, a system may never contain a file owned by an installed
package whoch would lay below an unowned directory.
(That's because such a directory would remain on the system after the
corresponding package has been removed.)"
I didn't want to tear up the existing guidelines more than necessary.
But I agree that the wording leaves something to be desired. How about:
'''
Directory ownership is a little more complex than file ownership.
Although the rule of thumb is the same: own all the directories you
create but none of the directories of packages you depend on, there are
several instances where it's desirable for multiple packages to own a
directory. Examples of this are:
1) The package you depend on to provide a directory may choose to own a
different directory in a later version and your package will run
unmodified with that later version.
[perl module example here]
2) Multiple packages have files in a common directory but none of them
requires others.
[hierarchy example here]
In all cases we are guarding against unowned directories being present
on a system. Unowned directories are affected by the umask of the user
installing the package and thus can be a security risk or lead to
packages which won't run.
'''
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iD8DBQFGzct8X6yAic2E7kgRAqC3AJ9GPui1N01ZhbfkK1UpQ9apCMnzeQCeL57r
5HQXjwmWXl4xJgt224Vci+I=
=3ygx
-----END PGP SIGNATURE-----