Mass bug proposal: packages that auto-enable systemd units
Andrew Lutomirski
luto at mit.edu
Tue Apr 22 18:50:06 UTC 2014
Hi all-
I propose a mass bug against packages that install services and enable
them without using the preset mechanism. Some of these can be
security issues if they get installed as dependencies.
As a related issue, it may pay to review the default presets. For
example, rpcbind is enabled. This seems bad.
I know of three of these bugs that already exist:
https://bugzilla.redhat.com/show_bug.cgi?id=1089650
https://bugzilla.redhat.com/show_bug.cgi?id=1087951
https://bugzilla.redhat.com/show_bug.cgi?id=1087950
The text would be:
--- cut here ---
A number of packages install systemd units and enable them
automatically. They should not. Please update the package to use the
macroized scriptlet
(https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd).
If your package has an exception from FESCo permitting it to enable
itself, please make sure that the service in question is listed in the
appropriate preset file.
Given that this issue can affect Fedora 20 users who install your
package as a dependency, these bugs should be fixed in Fedora 20 and
Rawhide.
The affected packages are:
OpenIPMI
at
avahi
avahi-dnsconfd
bcfg2
bcfg2-server
bwbar
cronie
deltacloud-core
device-mapper-multipath
dmapd
exim
fsniper
gpm
groonga
hsqldb
iscsi-initiator-utils
jabberd
libvirt
libvirt-client
lvm2
mailman
mdadm
monit
openct
opendkim
openssh-server
partimage
rhnsd
rinetd
rpcbind
sendmail
varnish
vdsm
xrdp
yum-cron
yum-updatesd
--- cut here ---
More information about the devel
mailing list