Bug 9399

Summary: find-requires fails for executables without read permissions.
Product: [Retired] Red Hat Linux Reporter: Sam Varshavchik <mrsam>
Component: rpmAssignee: Jeff Johnson <jbj>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-13 19:21:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Sam Varshavchik 2000-02-13 17:01:57 UTC 
Some packages install executables that have read permissions turned off.
An example would be NEC's SOCKSV5 proxy, which installs the following in
bindir:

[mrsam@gwl bin]$ ls -al
total 793
drwxr-xr-x   2 mrsam    users        1024 Feb 13 12:03 .
drwxr-xr-x   6 mrsam    users        1024 Feb 13 12:03 ..
---x--x--x   1 mrsam    users      112820 Feb 13 12:03 rarchie
---x--x--x   1 mrsam    users       77060 Feb 13 12:03 rfinger
---x--x--x   1 mrsam    users      135612 Feb 13 12:03 rftp
---x--x--x   1 mrsam    users       77300 Feb 13 12:03 rping
---x--x--x   1 mrsam    users      135552 Feb 13 12:03 rtelnet
---x--x--x   1 mrsam    users       78388 Feb 13 12:03 rtraceroute
-rwxr-xr-x   1 mrsam    users        1202 Feb 13 12:03 runsocks
---x--x--x   1 mrsam    users       77092 Feb 13 12:03 rwhois
-rwxr-xr-x   1 mrsam    users      100108 Feb 13 12:03 socks5
-rwxr-xr-x   1 mrsam    users         674 Feb 13 12:03 stopsocks


Unless this is built as root, find-requires fails because it cannot read
these.

Suggested patch:

*** find-requires.orig  Sun Feb 13 12:06:54 2000
--- find-requires       Sun Feb 13 12:09:10 2000
***************
*** 10,23 ****
--- 10,37 ----
  scriptlist=`echo $filelist | xargs -r file | egrep ":.* (commands|script)
" | cut -d: -f1 `
  liblist=`echo $filelist | xargs -r file | grep "shared object" | cut -d :
-f1 `

+ fudge_perms=1
+ if test -w /etc
+ then
+       fudge_perms=0
+ fi
+
  for f in $exelist; do
      if [ -x $f ]; then
+       do_fudge=0
+       test $fudge_perms = 1 && test ! -r $f && do_fudge=1
+       test $do_fudge = 1 && chmod u+r $f
        ldd $f | awk '/=>/ { print $1 }'
+       test $do_fudge = 0 && chmod u-r $f
      fi
  done | sort -u | sed "s/['\"]/\\\&/g" | xargs -r -n 1 basename | grep -v
'libNoVersion.so' | sort -u

  for f in $liblist; do
+       do_fudge=0
+       test $fudge_perms = 1 && test ! -r $f && do_fudge=1
+       test $do_fudge = 1 && chmod u+r $f
      ldd $f | awk '/=>/ { print $1 }'
+       test $do_fudge = 0 && chmod u-r $f
  done | sort -u | sed "s/['\"]/\\\&/g" | xargs -r -n 1 basename | grep -v
'libNoVersion.so' | sort -u

  for f in $scriptlist; do
Comment 1 Jeff Johnson 2000-02-13 19:21:59 UTC 
This problem appears rather pathological. I don't believe that your
patch is the Right Thing To Do since find-* should have *no* side
effects.

BTW in rpm-3.0.4 there are provisions to append "build root
policies" such as your "chmod +r" to the end of the %install
section using a %__spec_install_post macro. We're currently
compressing man pages and stripping binaries auto-magically
using (in /etc/rpm/macros or some such)

%__spec_install_post    \
    /usr/lib/rpm/brp-compress \
    /usr/lib/rpm/brp-strip \
    /usr/lib/rpm/brp-strip-comment-note \
%{nil}