Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only
Back to discussions
Expand all | Collapse all

bug with rpm --verify , starting with rpm.rte.4.9.1.3

  • 1.  bug with rpm --verify , starting with rpm.rte.4.9.1.3

    Posted Wed April 26, 2017 12:35 PM

    Originally posted by: christophe.rousseau


    Hi everyone,

    I opened a PMR at IBM's about that issue, but I've been told that I should open an issue in this forum,

    because the component owners need to open a discussion here. So here I am :)

     

    Here's the problem :

    We encountered an issue with the option --verify for rpm :

    A client wants to check that files are consistent and not altered with rpm --verify .

     

    - with rpm.rte V3.0.5.53, results are OK and react if I change permissions /owner on files , for example.

    # ls -ltr /opt/freeware/bin/bunzip2

    -rwxr-xr-x 1 root system 33713 Mar 4 2015 /opt/freeware/bin/bunzip2

    #rpm --verify bzip2

    [..]

    S.5....T /opt/freeware/bin/bunzip2

    [..]

     

    - with rpm.rte V4.9.1.3, results do not reflect changes on files owned by a rpm package.

    For example, if you just installed bzip2 and if you verify it, you'll see this :

    #rpm --verify bzip2

    [..]

    ......G.. /usr/bin/bunzip2

    [..]

     

    -->indicating that Group ownership differs from the installation default... But no changes were made to these files, group owner is system as it should be.

     

    # ls -ltr /opt/freeware/bin/bunzip2

    -rwxr-xr-x 1 root system 33713 Mar 4 2015 /opt/freeware/bin/bunzip2

     

    What's weirder though, is that when we try to change some permissions on these, the --verify always shows the same thing.

     

    # chgrp nobody /opt/freeware/bin/bunzip2

    # rpm --verify bzip2 | grep bunzip2

    5S.T..G.. /opt/freeware/bin/bunzip2

    # chgrp system /opt/freeware/bin/bunzip2

    # rpm --verify bzip2 | grep bunzip2

    5S.T..G.. /opt/freeware/bin/bunzip2

     

    See ? it's always showing the "G" flag... whatever you're doing.

     

    FYI , we are not able to rollback to a 3.X version , because we need rpm 4.9.1.3 in order for yum to work on AIX.

     

    Thanks everyone for your help !

     

    Kind regards,

     

    Christophe

     

     


    #AIX-Open-Source-Software
    #AIXOpenSource


  • 2.  Re: bug with rpm --verify , starting with rpm.rte.4.9.1.3

    Posted Thu April 27, 2017 10:15 AM

    Originally posted by: AyappanP


    Hi Christophe,

    Thanks for bringing up the issue. 

    It seems like the files section directive "%defattr" in the spec file behaves differently in the latest rpm version ie , 4.9.1.3. 

    Some packages are affected due to this. We are looking into this issue.

    By the way, i tried changing some permissions on the files provided by the affected package, it do reflects in rpm --verify.

    # rpm --version
    RPM version 4.9.1.3

    (0) root @ aixoss-automation-2: 6.1.0.0: /
    # rpm --verify bzip2
    ......G..    /opt/freeware/bin/bunzip2
    ......G..    /opt/freeware/bin/bzcat
    ......G..    /opt/freeware/bin/bzcmp

    ..........

    # ls -ltr /opt/freeware/bin/bunzip2
    -rwxr-xr-x 1 root system 33530 May 13  2016 /opt/freeware/bin/bunzip2

     

    # chown ayappan:ayappan /opt/freeware/bin/bunzip2

    (0) root @ aixoss-automation-2: 6.1.0.0: /
    # rpm --verify bzip2
    .....UG..    /opt/freeware/bin/bunzip2
    ......G..    /opt/freeware/bin/bzcat
    ......G..    /opt/freeware/bin/bzcmp
    ......G..    /opt/freeware/bin/bzdiff

    ............

    Here it shows User & Group is modified ( G is always shown due to the reason i mentioned above )

     


    #AIXOpenSource
    #AIX-Open-Source-Software


Related Content