| |
packager |
rpm id |
test |
status |
message |
 |
zidex |
glpi-apache2-10.0.17-alt1.noarch |
altlinux-policy-obsolete-httpd2-reload |
info |
This package contains httpd2 restart/reload calls in its post/un scripts. But those calls are deprecated by httpd2.filetrigger that activates by files in /etc/httpd2/ or %_libdir/apache2/modules/. It should be safe to remove those calls and rely on the filetrigger instead. |
|
zidex |
itop-apache2-3.1.1.1-alt1.noarch |
altlinux-policy-obsolete-httpd2-reload |
info |
This package contains httpd2 restart/reload calls in its post/un scripts. But those calls are deprecated by httpd2.filetrigger that activates by files in /etc/httpd2/ or %_libdir/apache2/modules/. It should be safe to remove those calls and rely on the filetrigger instead. |
 |
zidex |
ocsinventory-agent-2.10.4-alt1.noarch |
unsafe-tmp-usage-in-scripts |
fail |
The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/bin/ocsinventory-agent: $ grep /tmp/ /usr/bin/ocsinventory-agent =item B<--stdout> Print the inventory on stdout. % ocsinventory-agent > /tmp/report.xml # prepare an inventory and write it in the /tmp/report.xml file. # A file will be created. =item B<--scan-homedirs> Authorized OCS to scan home directories to increase the Virtual Machine inventory. |