popt warning

Jeff Johnson n3npq at mac.com
Tue Feb 23 19:24:12 CET 2016 

On Feb 23, 2016, at 12:58 PM, Elan Ruusamäe wrote:

> On 23.02.2016 19:42, Jeff Johnson wrote:
>> On Feb 22, 2016, at 5:23 PM, Elan Ruusamäe wrote:
>> 
>>> sometimes i see such message when building packages:
>>> 
>>> warning: existing POPT configuration file "/usr/lib/rpm/rpmpopt:/usr/lib/rpm/%{_target}/rpmpopt:/etc/rpm/rpmpopt.*:/etc/rpm/rpm
>>> popt:/etc/rpm/%{_target}/rpmpopt:~/.rpmpopt" considered INSECURE -- not loaded
>>> 
>>> not always, i.e building same package i sometimes see this and sometimes do not.
>>> rpm-5.4.15-31.x86_64
>>> 
>>> any ideas what this is about?
>> The intent is/was to have poptSaneFile() check permissions on files being read
>> (non-zero is an error). The mechanism is dependent on adding a leading '@'
>> to a file path.
>> 
>> int poptSaneFile(const char * fn)
>> {
>>     struct stat sb;
>>     uid_t uid = getuid();
>> 
>>     if (stat(fn, &sb) == -1)
>>         return 1;
>>     if ((uid_t)sb.st_uid != uid)
>>         return 0;
>>     if (!S_ISREG(sb.st_mode))
>>         return 0;
>>     if (sb.st_mode & (S_IWGRP|S_IWOTH))
>>         return 0;
>>     return 1;
>> }
>> 
>> There may be other returns (from failure to read a file) in poptReadFile() that may trigger the message.
> 
> so, any of those files should be group or other writable to produce the warning...
> 

Yes but ... the poptSaneFile() mechanism is "opt in", turned on with an '@' prefix on a file path.

> 
> ➔ for a in $(rpm -E /usr/lib/rpm/rpmpopt:/usr/lib/rpm/%{_target}/rpmpopt:/etc/rpm/rpmpopt.*:/etc/rpm/rpmpopt:/etc/rpm/%{_target}/rpmpopt:~/.rpmpopt|tr ':' ' '); do ls -ld $a; done
> -rw-r--r-- 1 root root 20977 29. nov   14:30 /usr/lib/rpm/rpmpopt
> ls: cannot access '/usr/lib/rpm/x86_64-linux/rpmpopt': No such file or directory
> ls: cannot access '/etc/rpm/rpmpopt.*': No such file or directory
> ls: cannot access '/etc/rpm/rpmpopt': No such file or directory
> ls: cannot access '/etc/rpm/x86_64-linux/rpmpopt': No such file or directory
> ls: cannot access '~/.rpmpopt': No such file or directory
> 
>> 

Not the right test: all files except the first mentioned as config files are permitted to be missing.

Something else is going on if this is recent behavior. All of this code in popt/rpm
was written a long time ago.

The non-reproducibility, and the claim that this is a recently changed behavior, also indicate
that something else is happening.

Are you running in a chroot with files that are being removed?

Is there a signal being sent that is interrupting one of these system calls (in poptReadFile)

    if ((nb = lseek(fdno, 0, SEEK_END)) == (off_t)-1
     || lseek(fdno, 0, SEEK_SET) == (off_t)-1
     || (b = (char*) calloc(sizeof(*b), (size_t)nb + 1)) == NULL
     || read(fdno, (char *)b, (size_t)nb) != (ssize_t)nb)
    {
        int oerrno = errno;
        (void) close(fdno);
        errno = oerrno;
        goto exit;
    }
    if (close(fdno) == -1)
        goto exit;

hth

73 de Jeff



> 
> 
> -- 
> glen
> 
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en

More information about the pld-devel-en mailing list