Репозиторий Sisyphus
Последнее обновление: 1 октября 2023 | Пакетов: 18631 | Посещений: 37478593
en ru br
Майнтейнер: Dmitriy Terekhin

 Информация   Пакеты   Bugs and FR  Repocop 

Сообщения от repocop:

пакет статус тест сообщение
alterator-net-domain-0.7.3-alt4.x86_64
fail
unsafe-tmp-usage-in-scripts The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/alterator/backend3/net-domain: $ grep /tmp/ /usr/lib/alterator/backend3/net-domain ## https://www.altlinux.org/ActiveDirectory/DC ad_provision_domain() { local domain_name="$1" shift local log="/tmp/samba-dc-provision-$(date +%d.%m.%Y-%H:%M:%S)-$domain_name.log"... [the rest of the message is skipped]
branding-alt-server-10.2-alt3.src
info
requires-ImageMagick Dependency on ImageMagick (compat package) found. It probably should be replaced with more specific dependency like /usr/bin/convert or ImageMagick-tools, or it can be already autodetected by findreq-shell.
branding-alt-server-notes-10.2-alt3.noarch
warn
file-in-usr-marked-as-conffile Files below /usr may not be marked as conffiles, since /usr might be mounted read-only and thus, the local system administrator would not have a chance to modify this configuration file.
brcm-patchram-plus-0.1.1-alt1.x86_64
experimental
systemd-but-no-native-init The package have native systemd file(s) but no SysV init scripts.
installer-distro-centaurus-stage2-10.2-alt3.x86_64
fail
unsafe-tmp-usage-in-scripts The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/install2/preinstall.d/35-enable-systemd-networkd.sh: $ grep /tmp/ /usr/share/install2/preinstall.d/35-enable-systemd-networkd.sh shell_config_set $i/options NM_CONTROLLED no shell_config_set $i/options SYSTEMD_CONTROLLED yes shell_config_set $i/options DISABLE... [the rest of the message is skipped]
installer-distro-centaurus-stage2-10.2-alt3.x86_64
warn
rpm-filesystem-conflict-file-file There are file conflicts with the package installer-distro-token-desktop-stage2-0.1.1-alt5.noarch, for example, /usr/share/install2/alterator-menu/module-expert-list (4 file conflicts in total). Moreover, the packages have no explicit conflicts with each other. You should add explicit conflicts, or, if conflicts are avoidable, consider using alternatives. dable, consider using alternatives. s. ing alternatives.
pi-bluetooth-0.1.15-alt1.noarch
experimental
systemd-but-no-native-init The package have native systemd file(s) but no SysV init scripts.
volumes-profile-alt-server-1.1-alt1.noarch
warn
rpm-filesystem-conflict-file-file File /usr/share/install2/initinstall.d/10-vm-profile.sh conflicts with the package volumes-profile-regular-0.5.1-alt1.noarch. Moreover, the packages have no explicit conflicts with each other. You should add explicit conflicts, or, if conflicts are avoidable, consider using alternatives. . ives.
volumes-profile-cliff-server-0.18-alt1.noarch
warn
rpm-filesystem-conflict-file-file File /usr/share/install2/initinstall.d/10-vm-profile.sh conflicts with the package volumes-profile-regular-0.5.1-alt1.noarch. Moreover, the packages have no explicit conflicts with each other. You should add explicit conflicts, or, if conflicts are avoidable, consider using alternatives. . ives.
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin