packaging-committee

Clone
Source Code
GIT

#96 Remove absolute paths to binaries in $PATH
Closed: Fixed None Opened 12 years ago by toshio.

Closed: Fixed
Reopen Issue

As Ville points out in this post: http://lists.fedoraproject.org/pipermail/packaging/2011-June/007824.html

there doesn't seem to be a reason to use absolute paths for binaries in $PATH in rpm scriptlets. Unless someone can think of a reason, I can make this consistent by removing all the absolute paths to /bin/,/usr/bin,/sbin,/usr/sbin. This borders on clarification but I wanted to bring it up for everyone because I may have forgotten a reason that absolute paths are important here.

There are reasons for using absolute paths:

a) There can be different excutables of the same name in $PATH. Using absolute paths helps avoiding packages to erroniously use the wrong excecutables.

Historic example where his advertedly is being used is "install-info".

It also is very easily imaginable to have cases where sloppily packaged packages may introduce such a conflict or where some "silly convenience package" may deliberately do so.

b) All executables in scriptlets are implicitly or explicitly "Require(pre), Require(post) etc.".
In cases they are explictly required(...), specs need to
Require(pre): <absolute-directory>/<executable>

I.e. packagers need to use absolute paths in any case.

That said, I am leaning towards enforcing the opposite: Disallow using non-absolute paths in scriptlets and am opposed to this proposal.

I think I agree with Ralf. It is better to be safe than sorry, especially in scriptlets.

<tibbs|h> There are two separate issues:
<tibbs|h> One is that scriptlets in the guidelines are inconsistent, and that's bad.
<tibbs|h> The other is what to tell packagers to do in their own scriptlets.

action On item 1, all of our scriptlets should use absolute paths. On Item 2, we should encourage absolute paths for safety, but not require it. (+1:8, 0:1, -1:0)

Just for reference, I can think of two cases where absolute paths in scriplets can cause trouble:

  • A binary moves from /usr/bin to /bin, breaking all current scriplets. This is especially bad for scriplets that are run at package UNINSTALL time, because in the future, we cannot change old packages with already hardcoded paths, and any such package's scriplets would fail at uninstall time.
  • Cross distro compatibility would suffer, because different distros might put binaries in different directories.

Also, RPM is trying to set a safe PATH for scriplets, excluding directories like /usr/local/bin and only including system directories:
{{{
static const char * const SCRIPT_PATH = "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin";
}}}

Thanks to tibbs, this should be now complete.

Metadata Update from @corsepiu:
- Issue assigned to spot
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.