SPECS: bind.spec - please, check fist,
look at mailing list. rever...
Elan Ruusamäe
glen at delfi.ee
Fri Jun 17 10:31:01 CEST 2005
On Friday 17 June 2005 10:59, you wrote:
a:
> +%attr(660,named,named) %config(noreplace,missingok) %verify(not md5 size
> mtime) %{_var}/log/named*
b:
> #Something like that should be added...
> #%attr(660,named,named) %ghost %{_var}/lib/named/named.log
> #%attr(660,named,named) %ghost %{_var}/lib/named/named.stats
do you mean that the a) should be replaced with b) ?
i suggest then in %install:
> $RPM_BUILD_ROOT%{_var}/lib/named/named.log
> $RPM_BUILD_ROOT%{_var}/lib/named/named.stats
and in %post, touch the files again, plus chown / chmod
like in glibc:
%post -n nscd
/sbin/chkconfig --add nscd
touch /var/log/nscd
chmod 000 /var/log/nscd
chown root:root /var/log/nscd
chmod 640 /var/log/nscd
if [ -f /var/lock/subsys/nscd ]; then
/etc/rc.d/init.d/nscd restart 1>&2
else
echo "Run \"/etc/rc.d/init.d/nscd start\" to start nscd daemon." 1>&2
fi
i don't know reason for chmod 000, so ask smb else of this, but i guess it's
something to do with race attack against suid bit :)
altho
if [ ! -f /var/log/nscd ]; then
install /dev/null -oroot -groot -m640 /var/log/nscd
fi
could work same way
--
glen
More information about the pld-devel-en
mailing list