[Pkg-cups-devel] Ubuntu patches for 1.2 cups

[Martin Pitt]

Hi Martin!

Martin-Éric Racine [2005-12-07 13:40 +0200]:
> > | -    if [ -x /usr/sbin/invoke-rc.d ]; then
> > | -	invoke-rc.d cupsys restart || exit 0
> > | -    else
> > | -	/etc/init.d/cupsys restart || exit 0
> > | -    fi
> > | +    /etc/init.d/cupsys restart || exit 0
> > 
> > Makes more sense for me to not use invoke-rc.d.
> 
> Isn't directly invoking init.d scripts against recommended practise?

It is recommended practice for maintainer scripts, I'm not sure about
best practices when calling it directly.

> Personally, I would stick with invoke-rc.d here.

Ok, that's fine for me for now.

> > So far: do not create config files with group nogroup/user nobody,
> > this is evil. root is much better for that and more compliant with the
> > Debian policy.
> 
> This appears in direct contradiction with Ubuntu's low-priviledge user
> strategy.  

No, it is not. Having conffiles owned by root and daemons running as
normal user ensures that the daemon (or, rather, exploits that are
injected into it) cannot modify its configuration files. Since (most)
conffiles are world-readable, it is not a problem to have them owned
by root.

So it is the other way round: giving these files to 'nobody' increases
the privileges of the 'nobody' user, which is unnecessary.

> Additionally, Ubuntu discourages the utilization of dpatch.

Hm? That's news to me. Personally I do not like dpatch very much, but
I don't frown upon it, and there is no official Ubuntu
policy/statement about dpatch at all.

Thanks,

Martin

-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-cups-devel/attachments/20051207/ad382d85/attachment.pgp