[Mageia-dev] [changelog] [RPM] cauldron core/release nfs-utils-1.2.6-2.mga3

Olivier Blin mageia at blino.org
Thu Jun 14 22:23:07 CEST 2012


Colin Guthrie <mageia at colin.guthr.ie> writes:

[...]

>>>> Now installing a kernel spits those messages:
>>>> libkmod: conf_files_filter_out: Directories inside directories are not
>>>> supported: /lib/modprobe.d/nfs.conf
>>>> (...)
>>> We currently have no such /lib/modprobe.d directory in the
>>> distribution, only /etc/modprobe.d. I guess our kmod package doesn't
>>> support it yet, but should sooner or later. If I'm wrong, it's easy to
>>> switch back to /etc/modprobe.d instead.
>> 
>> Actually, you installed the file as /lib/modprobe.d/nfs.conf/nfs.conf
>> I've removed the extra directory level.
>> 
>> But we should probably use /etc/modprobe.d/nfs.conf instead.
>
> IMO we should not use /etc/ here. /etc/ should be the domain of
> administrator changes. IMO packages should always use /lib/ (or
> eventually /usr/lib/) for such things. I've been pushing for this proper
> separation for a while. udev and systemd do it properly although we do
> still ship several udev files in /etc/udev/rules.d/ in packages which
> should, by rights, be in /lib/udev/rules.d/

Yes, but currently, kmod and other system packages install modprobe
config files in /etc/modprobe.d:
$ rpm -qf /etc/modprobe.d/*
kmod-8-1.mga3
kmod-8-1.mga3
kmod-8-1.mga3
cups-common-1.5.3-5.mga3
kmod-8-1.mga3
kmod-8-1.mga3
sound-scripts-0.62-9.mga3

To be consistent, I moved the nfs-utils file there

> dbus upstream is still a big offender with policy files often ending up
> in /etc/dbus-1/system.d/ rather than in a /lib/ tree. This can and does
> sometimes have security implications, e.g. with the privilege escalation
> I recently reported regarding sectool:
> https://bugzilla.redhat.com/show_bug.cgi?id=809437
>
> The policy file in question was marked with %config(noreplace) as it was
> in /etc. But really this is a policy file which shouldn't be modified by
> users. Therefore it shouldn't be marked as noreplace and it shouldn't
> live in /etc/

Well, system administrators might want to change the default dbus
permissions.

> So, if the /lib/modprobe.d/ dir isn't parsed by kmod, we should fix kmod.

It seems it is parsed by kmod, but this doesn not seem to be mentionned
in the doc, and no package owns the dir...

I agree about moving modprobe config file into a system dir, but things
have to be done properly (with doc, proper directory owning, and all
packages doing the same).

-- 
Olivier Blin - blino


More information about the Mageia-dev mailing list