On Mon, Mar 19, 2018 at 8:21 AM, <cheese(a)nosuchhost.net> wrote:
On Mon, 12 Mar 2018, Paul W. Frields wrote:
> The introduction of non-persistent /run has apparently created an
> issue where some RPM packages raise verification issues depending on
> the umask present when a process from that package starts. The issue
> is further explained in a tracking bug here:
Can not check that bug, as it is an internal one at least i have no
permission to read that.
That's my fault, linked improperly. Ignore it as it's a private bug.
It's not useful anyway, the later bug is.
> While arguably not a showstopper for Fedora, it's certainly
> annoyance to have RPMs not verify post-installation when a packaged
> service is started. This situation's also potentially harmful
> downstream to RHEL. It means that customers who have to go through
> audit processes for STIG compliance will get dinged (even if
> explainable) for this packaging issue.
> Note that in the tracking bug above, there's a reference to a specific
> example which was fixed appropriately for resource-agents:
> Would packaging folks agree that it's worth fixing files not using
> tmpfiles.d (https://fedoraproject.org/wiki/Packaging:Tmpfiles.d
) to do
Thanks for input here.