[OpenAFS] openafs-1.4.2 RHEL RPM package installs nonempty
SuidCells and mangles CellServDB
Derrick J Brashear
shadow@dementia.org
Fri, 17 Nov 2006 09:34:58 -0500 (EST)
On Fri, 17 Nov 2006, Carson Gaspar wrote:
> As another data point for y'all, we overwrite the new init scripts with more
> sane ones. For those of us in enterprise environments that have no desire or
> ability to talk to random Internet AFS cells, it's a terrible idea. The
> current code has no way to disable the new behaviour, and the shell code has
> no error checking to speak of. I wish this had been discussed before it was
> incorporated into the release.
We have to distribute RPMs which will continue to upgrade CellServDB
files, or people will keep trying to talk to cells in places they aren't
any more, and haven't been for years. This has been an ongoing problem.
However, the thing that may make sense is a package which does not munge
configuration which conflicts with the regular package but can be
installed in place of it, to address this issue. I'm unsure how we could
handle documenting it, as I'm sure everyone who doesn't bother to read
instructions will try to install both, get a conflict, and be confused.