upstream/oracle/pkg-gate: doc/directory_perms.txt@24196b483cc6 (annotated)

1432 e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	1
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	2	Getting directory permissions correct and consistent
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	3	between packages is a common problem in distributions;
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	4	it's often made worse by sets of packages that attempt
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	5	to be installable across multiple versions of the OS.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	6
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	7	This is a resolvable problem in the small, but getting
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	8	all packages consistent everywhere is clearly untenable,
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	9	esp. if directory permissions change over time.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	10
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	11	Several ways of dealing w/ this problem suggest themselves:
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	12
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	13	0) continue as we have been
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	14
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	15	Pro - easy to do
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	16	Con - annoying verification errors, inconsistent
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	17	results depending on order of package installation.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	18
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	19	1) Fail package installation if new package has different
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	20	permissions than existing (already installed) directories.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	21
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	22	Pro - easy, solves consistency problem
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	23	Con - pushes problem onto user of package, since
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	24	problem is caught at install time. Makes changes
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	25	very hard.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	26
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	27	2) Define a directory permission in just one package,
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	28	and make all packages that install into that directory
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	29	depend on that package.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	30
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	31	Pro - easy to understand.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	32	Con - difficult to manage, leads to a lot of packages
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	33	if granularity of directory installations is fine.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	34	ISV implementation more difficult.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	35
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	36	Another approach that we're considering is the following:
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	37
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	38	*) Use a directory of template files (identified by pkg name)
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	39	that define default directory permissions, uid & gid.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	40
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	41	In this file, both explicit specifications and matching
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	42	rules are permitted.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	43
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	44	For example:
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	45
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	46	/etc/dirperms.d/SUNWcs might contain:
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	47
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	48	/* user=root group=bin mode=755
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	49	/usr user=root group=sys mode=755
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	50	/var user=root group=sys mode=755
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	51	/var/pkg/* user=root group=root mode=755
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	52
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	53	Explicit matches are always favored, and the
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	54	longest possible match is preferred as well.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	55
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	56	We anticipate that few packages will actually deliver such
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	57	files; the default one in SUNWcs should do for most. Conflicting
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	58	permissions in templates cause error messages.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	59
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	60	*) The default directory permissions would be applied to
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	61
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	62	* directories w/o explicit permissions
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	63	* directories where package manifests explicitly
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	64	conflict in directory permissions
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	65
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	66	We anticipate that this mechanism should greatly reduce the
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	67	difficulty of getting directory permissions correct, as most
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	68	packages can simply not specify them.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	69
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	70	Possible problem is that different packages could deliver
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	71	conflicting template specifications. In this case, the
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	72	effect is undefined, and pkg verify will complain about
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	73	this situation.
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	74
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	75
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	76
e2a449338bc5 10476 importer should be capable of resolving package dependencies against repo Bart Smaalders <Bart.Smaalders@Sun.COM> parents: diff changeset	77

author	Edward Pilatowicz <edward.pilatowicz@oracle.com>
	Mon, 16 Sep 2013 21:26:31 -0700
changeset 2945	24196b483cc6
parent 1432	e2a449338bc5
permissions	-rw-r--r--