| Summary: | sys-process/acct: init script should use checkpath instead of touch/chmod | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Michael Orlitzky <mjo> |
| Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | wimmuskee |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=540006 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
fix PR in https://github.com/gentoo/gentoo/pull/3251 or patch at https://github.com/gentoo/gentoo/pull/3251.patch The fix is obviously correct, but a change to acct.initd will affect the stable acct-6.5.5-r3.ebuild. We try not to modify stable packages in-place, opting instead for a new revision. In this case you could do an acct.initd-r1 and then modify acct-6.6.*.ebuild in-place to use the new init script. On the other hand, this change is at the level of "what could possibly go wrong," so the maintainers will have to decide =) added the revisions in the PR $ git cherry-pick -x 34607e7a775cc87873fd4710513f923b36ba75dc -s [master e5926f877e] sys-process/acct: initd implement checkpath, #603606 Author: Wim Muskee <wimmuskee@gmail.com> Date: Tue Dec 27 11:31:17 2016 +0100 3 files changed, 124 insertions(+) create mode 100644 sys-process/acct/acct-6.5.5-r4.ebuild create mode 100644 sys-process/acct/acct-6.6.2-r1.ebuild create mode 100644 sys-process/acct/files/acct.initd-r1 |
The init script for acct creates its own log file: if [ ! -e "${ACCT_LOG}" ] ; then touch "${ACCT_LOG}" chmod 600 "${ACCT_LOG}" fi That whole "if" statement can be replaced with a single call to "checkpath", from OpenRC. Doing so has two benefits: checkpath is more portable, being part of OpenRC, and it is also more secure, because it will not follow symlinks (as opposed to chmod, which will). This minor improvement will also eliminate a bad example that could be copy/pasted into a more critical position by an unwary developer.