From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux alpha; en-US; rv:0.9.6) Gecko/20011120
Description of problem:
The SNMP agent does not return the list of installed software.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. On a machine running snmpd issue the command:
snmpwalk localhost public host.hrSWInstalled
Actual Results: No data is returned.
Expected Results: The installed software list should be returned.
I looked over the code. It appears to me the patch to list the installed
packages fails because HAVE_LIBRPM and HAVE_RPMGETPATH are not defined.
I made my own patch to 4.2.3 using the rpm40 patch, and added HAVE_LIBRPM
and HAVE_RPMGETPATH to config.h.in and compiled it and it worked.
Another problem of the "security" patch that the patch is absolutely not
thread safe. The library itself mainly works with threads (also stated in the
documentation). But the patches breaks this. IMHO the look like a really ugly
workaround for the security problems. The old interfaces should never be
changed to the new format since it breaks every program using the API. Instead
new more secure interfaces should be added with different names and via the
documentation or warnings all the other programs using the API could be asked
to change to the new version.
On other problem is that a program cannot detect if the library is patched or
not since the version number is not changed! If the version was increased you
can easily make programs work with the old API and a new one.
The latest version (4.2.3) is available via rawhide now. This should fix this
problem. It does not contain the big security patch anymore as the buffer
overflow bugs have been fixed upstream.
I've also fixed the rpm thing again, this time in the configure script directly.
Read ya, Phil
The RPM Spec needs an additional dependency of bzip2-devel.