Installing samba-2.0.5a-1.i386.rpm with a root umask of 027 leaves /etc/services and /etc/inetd.conf not readable globally. Many network client programs (such as ftp) need to read /etc/services to find well-known port numbers. The situation is worsened because errata RHSA-1999:022-02 suggests using "rpm -e samba" before upgrading to 2.0.5a-1. So all users with a conservative umask that upgrade using the errata instructions will be caught. The philosophy of package management suggests that the umask of the installing user should have no effect on the permissions of the installed files. Fix: Today: request users type "umask 022" before using RPM. Short-term: add "umask 022" to the start of the samba post-install script. Long-term: RPM should set the umask for install scripts to a well-known value (such as 022) before executing the script. Environment: RH6.0 with all current errata applied. $ uname -a Linux andromache.itd.adelaide.edu.au 2.2.5-22 #1 Wed Jun 2 08:45:51 EDT 1999 i486 unknown $ rpm -q samba samba-2.0.5a-1 $ rpm -q samba-client samba-client-2.0.5a-1 $ rpm -q rpm rpm-3.0.2-6.0
Acutally, if they follow the instructions, the broken %postun script will *not* get run, so they should be OK... the %postun script is fixed in the latest samba RPM in Raw Hide.