On Dec 19, 2008, at 11:11 AM, Ralf S. Engelschall wrote:
On Fri, Dec 19, 2008, Ralf S. Engelschall wrote:On Fri, Dec 19, 2008, Jeff Johnson wrote:(resent, dunno where the 1st message went)I don't know, never seen on the list...I kind of like the idea of using a '@' before a file path as an"attention" marker to increase the file validation checks, and so I'm likely to refactor the functionality out of rpm and into popt-1.15 aspart of simplifying rpm configuration/initialization. At the same time, I will probably add a new poptReadConfigFiles()method whose argument will be a colon separated list of configurationfile paths to read. Any other opinions?As long as the particular security check (here rpmSecuritySaneFile for RPM_VENDOR_OPENPKG) embedded into POPT can be optionally stilloverridden from within RPM (in case one needs some additional checks ora different error message or whatever) I'm happy. Perhaps an optional callback does the trick.BTW, under RPM_VENDOR_OPENPKG the "@" attention marker is not just usedfor POPT files. It is also used for RPM macro files and Lua script files! So, please be careful that instead of a "factoring out" not a "partial removal" happens to the functionality.
Understood. What I like is the idea of a '@' attention in-band, not which particular
config file reading has chosen '@' attention.I will likely drill similar into lua bootstrapping (if not there already).
I like consistency no matter what. But there are other issues to deal with there permitting external system lua module loading that have to be addressed. I have no intent of changing anything, but as you know, the embedded lua is all snarled up throughout rpm misc/rpmio/lib ...
For completeness reasons, here is how OpenPKG 4 configures RPM 5: | [...] | # determine POPT option, RPM macros and Lua script file paths | RPMPOPT="%{l_prefix}/lib/openpkg/rpmpopt" | RPMPOPT="$RPMPOPT:%{l_prefix}/etc/openpkg/rpmpopt" | RPMPOPT="$RPMPOPT:%{l_prefix}/etc/openpkg/rpmpopt.d/*" | RPMPOPT="$RPMPOPT:~/.openpkg/rpmpopt" | RPMPOPT="$RPMPOPT:@../../.openpkg/rpmpopt" | RPMPOPT="$RPMPOPT:@../.openpkg/rpmpopt" | RPMPOPT="$RPMPOPT:@./.openpkg/rpmpopt" | RPMMACROS="%{l_prefix}/lib/openpkg/rpmmacros" | RPMMACROS="$RPMMACROS:%{l_prefix}/etc/openpkg/rpmmacros" | RPMMACROS="$RPMMACROS:%{l_prefix}/etc/openpkg/rpmmacros.d/*" | RPMMACROS="$RPMMACROS:~/.openpkg/rpmmacros" | RPMMACROS="$RPMMACROS:@../../.openpkg/rpmmacros" | RPMMACROS="$RPMMACROS:@../.openpkg/rpmmacros" | RPMMACROS="$RPMMACROS:@./.openpkg/rpmmacros" | RPMLUA="%{l_prefix}/lib/openpkg/rpmlua" | RPMLUA="$RPMLUA:%{l_prefix}/etc/openpkg/rpmlua" | RPMLUA="$RPMLUA:%{l_prefix}/etc/openpkg/rpmlua.d/*" | RPMLUA="$RPMLUA:~/.openpkg/rpmlua" | RPMLUA="$RPMLUA:@../../.openpkg/rpmlua" | RPMLUA="$RPMLUA:@../.openpkg/rpmlua" | RPMLUA="$RPMLUA:@./.openpkg/rpmlua" | | # configure program | ./configure \ | --cache-file=./config.cache \ | --prefix=%{l_prefix} \ | --mandir="%{l_prefix}/man" \ | --includedir="%{l_prefix}/include/openpkg" \ | --with-name="OpenPKG RPM" \ | --with-path-cfg="%{l_prefix}/etc/openpkg" \ | --with-path-rpmpopt="$RPMPOPT" \ | --with-path-macros="$RPMMACROS" \ | --with-path-rpmlua="$RPMLUA" \ | [...] As you can see, the attention markers are especially used on all pathsrelative to the current working directory. This allows OpenPKG to use a very flexible file-system layout with RPM (based on some additional RPMmacro hacking) while at the same time not open a security hole.
Thanks for the clear and explcit example, that will help me find what I'm
not supposed to break ;-) 73 de Jeff
smime.p7s
Description: S/MIME cryptographic signature