On Wed, 12 Nov 2014, Jakub Hrozek wrote:
Hi,
a downstream installation test was failing with our recent packaging
changes that involve creatig the sssd user. It turns out that
sssd-krb5-common (which contains krb5_child, owned by the sssd user) got
installed by yum before sssd-common, which creates the sssd user during
the %pre scriptlet.
I spent some time talking to the RPM developers on IRC and the result
was this RPM bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1163086
The RPM developers suggest that the bug might still be in SSSD, but we
couldn't figure out anything that would cause sssd-krb5-common to be
installed before sssd-common, as the sssd-krb5-common subpackage
Requires sssd-common.
In downstream, I worked around the issue by creating the sssd user
(unless it exists already) in each subpackage that owns files as the
sssd user. I know it's a hack, but it was the only way we could unblock
the downstream soon.
Now my question is whether to also include the same change in downstream
spec as well? It's clearly a workaround, but at the same time, it might
hit users of our downstream spec, so I say we should include the same
change as well.
Also, does anyone spot an issue with our Requires? I couldn't see any,
but maybe I just overlooked it..
If you are requiring a package to be installed
before this one is
installed, it should be in PreReq:, not in Requires:.
%package krb5-common
Summary: SSSD helpers needed for Kerberos and GSSAPI authentication
Group: Applications/System
License: GPLv3+
Conflicts: sssd < %{version}-%{release}
Requires: cyrus-sasl-gssapi
PreReq: sssd-common = %{version}-%{release}
--
/ Alexander Bokovoy