From: Ralf S. Engelschall <rse+rpm-devel@rpm5.org>
Date: Sun 04 Jan 2009 - 17:07:37 CET
Message-ID: <20090104160737.GA84901@engelschall.com>
In OpenPKG I've a "sasl" package which contains a
%{l_prefix}/var/sasl/log directory which in the %files section is
configured via...

| %dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log

The directory is also created just fine (%{l_susr} is defined to "root"
and "%{l_sgrp}" is defined to "wheel" on this platform FreeBSD):

| $ cd var/sasl/
| $ ls -l log
| drwx------  2 root      wheel       2 Jan  4 15:39 log

The interesting aspect is that in all OpenPKG software stacks where
"sasl" is installed (and which I currently have at hand myself) RPM 5
thinks the group "wheel" of the "log" directory is wrong:

| $ /v/ecamp/sw/bin/openpkg rpm -V sasl
| ......G.    /v/ecamp/sw/var/sasl/log

Although RPM really knows that the group should be "wheel":

| $ /v/ecamp/sw/bin/openpkg rpm -qlv sasl | grep var
| drwxr-xr-x 2 ecamp-sw      ecamp-sw-r           0 Jan  4 15:39 /v/ecamp/sw/var/sasl
| drwx------ 2 root          wheel                0 Jan  4 15:39 /v/ecamp/sw/var/sasl/log
| drwxr-xr-x 2 ecamp-sw      ecamp-sw-r           0 Jan  4 15:39 /v/ecamp/sw/var/sasl/run
| drwxr-xr-x 2 ecamp-sw      ecamp-sw-r           0 Jan  4 15:39 /v/ecamp/sw/var/sasl/run/saslauthd

And "wheel" is just the name of GID "0" and there is also really just
one in /etc/group, of course:

| $ grep :0: /etc/group
| wheel:*:0:root

So, what can I do? Can this be debugged in more depth? Either there is
something very silly I overlooked or we have a little subtle bug in RPM
5 here...

The RPM 5 in question is 5.1.6, BTW:

| $ /v/ecamp/sw/bin/openpkg rpm --version
| rpm (OpenPKG RPM) 5.1.6

Oh, one more hint: I've a directory with also permissions 700 and owner
"root" but a non-0-group in another package and this verifies just fine.
So, I think it is really related to this 0 GID "wheel".

One more hint: it also happens on files, not just directories (and this
time also with a different package -- the "S" and "5" are correct BTW,
as the file was modified by me):

| $ /v/ecamp/sw/bin/openpkg rpm -qlfv /v/ecamp/sw/etc/sudo/sudoers | grep etc/sudo/sudoers
| -r-------- 1 root  wheel  715 Jan  4 15:38 /v/ecamp/sw/etc/sudo/sudoers
| $ ls -l /v/ecamp/sw/etc/sudo/sudoers
| -r--------  1 root  wheel  781 Jan  4 16:49 /v/ecamp/sw/etc/sudo/sudoers
| $ /v/ecamp/sw/bin/openpkg rpm -V sudo
| S.5...GT  c /v/ecamp/sw/etc/sudo/sudoers

So, I think we have a problem in veryfying GID-0 based files or directories...

                                       Ralf S. Engelschall
Received on Sun Jan 4 17:07:44 2009
