Description of Problem: There is a setuid and a setgid program. They are chmod'd in the %install, rather than using %attr to be set up at rpm install time. [alane@wwweasel alane]$ cat misc/patches/kdebase.spec-non-root.patch 191,192c191,193 < chmod 4755 $RPM_BUILD_ROOT%{prefix}/bin/kcheckpass < chmod 2755 $RPM_BUILD_ROOT%{prefix}/bin/kdesud --- > # use %attr() below, this breaks on non-root build > #chmod 4755 $RPM_BUILD_ROOT%{prefix}/bin/kcheckpass > #chmod 2755 $RPM_BUILD_ROOT%{prefix}/bin/kdesud 271c272 < cat $RPM_BUILD_DIR/file.list.%{pkg} |grep -v '/bin/kdesud$' |grep -v '/usr/share/config' |grep -v '/etc' |grep -v '/usr/bin$' |grep -v '/usr/lib$' |grep -v '/usr/share$' |grep -v '/usr$' |grep -v '/usr/sbin$' |grep -v '/usr/share$' |grep -v '/usr/bin/konsole_grantpty$' >$RPM_BUILD_DIR/file.list.%{pkg}.tmp --- > cat $RPM_BUILD_DIR/file.list.%{pkg} |grep -v '/bin/kdesud$' |grep -v 'kcheckpass$' |grep -v '/usr/share/config' |grep -v '/etc' |grep -v '/usr/bin$' |grep -v '/usr/lib$' |grep -v '/usr/share$' |grep -v '/usr$' |grep -v '/usr/sbin$' |grep -v '/usr/share$' |grep -v '/usr/bin/konsole_grantpty$' >$RPM_BUILD_DIR/file.list.%{pkg}.tmp 324a326 > %attr(4755,root,root) %{prefix}/bin/kcheckpass [alane@wwweasel alane]$
It works the way things are. Our build system actually builds all packages as non-root. Any user can make a file he owns setuid (to his own user ID), therefore the chmod commands are OK. rpm takes care of switching the owner (and thereby the user the application runs as). If you can't rebuild the package, chances are you're trying to build on a filesystem that was mounted with nosuid.