popt warning
Jeff Johnson
n3npq at mac.com
Tue Feb 23 18:42:18 CET 2016
On Feb 22, 2016, at 5:23 PM, Elan Ruusamäe wrote:
> sometimes i see such message when building packages:
>
> warning: existing POPT configuration file "/usr/lib/rpm/rpmpopt:/usr/lib/rpm/%{_target}/rpmpopt:/etc/rpm/rpmpopt.*:/etc/rpm/rpm
> popt:/etc/rpm/%{_target}/rpmpopt:~/.rpmpopt" considered INSECURE -- not loaded
>
> not always, i.e building same package i sometimes see this and sometimes do not.
> rpm-5.4.15-31.x86_64
>
> any ideas what this is about?
The intent is/was to have poptSaneFile() check permissions on files being read
(non-zero is an error). The mechanism is dependent on adding a leading '@'
to a file path.
int poptSaneFile(const char * fn)
{
struct stat sb;
uid_t uid = getuid();
if (stat(fn, &sb) == -1)
return 1;
if ((uid_t)sb.st_uid != uid)
return 0;
if (!S_ISREG(sb.st_mode))
return 0;
if (sb.st_mode & (S_IWGRP|S_IWOTH))
return 0;
return 1;
}
There may be other returns (from failure to read a file) in poptReadFile() that may trigger the message.
> and it appeared rather recently...
>
hth
73 de Jeff
More information about the pld-devel-en
mailing list