Control: tags -1 + patch pending Dear Maintainer,
Andreas Beckmann <deb...@abeckmann.de> writes: > Package: gnus-bonus-el > Version: 35.2 > Severity: serious > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > > during a test with piuparts I noticed that your package creates files in > /root. From the attached log (scroll to the bottom): > > 1m4.7s ERROR: FAIL: Package purging left files on system: > /root/.gnupg/ not owned > /root/.gnupg/gpg.conf not owned > /root/.gnupg/pubring.gpg not owned > /root/.gnupg/secring.gpg not owned > > Creating stuff in /root is a FHS and policy violation. (And of course > these files should not be deleted by maintainer scripts.) > But it is also an indication that the package operation may depend on > root's .gnupg configuration (and package installation might even fail if > that configuration is broken). That would be a case for "configuration > files not in /etc". The cause of this bug is the following: at bytecode compile time, gnus/mml2015.el from emacs23 is loaded (by a chain of requires). That file has a (defvar mml2015-use ...) construct which calls function (epg-configuration), which in turn runs the gpg binary (as root!). I attach a patch which fixes the problem by overriding the epg-gpg-home-directory variable at bytecode compile time, using a temporary location. There are probably other ways of achieving the same goal, for example by setting the environment variable GNUPGHOME. I uploaded an to NMU of the package to DELAYED/10 with the same patch. I hope this delay will give you the time to review the patch and, if you prefer another way of fixing it, to implement your preferred solution. Don't hesitate to tell me if you want me to delay the upload longer. Regards,
diff -Nru emacs-goodies-el-35.2/debian/changelog emacs-goodies-el-35.2+nmu1/debian/changelog
--- emacs-goodies-el-35.2/debian/changelog 2011-10-27 19:30:01.000000000 +0200
+++ emacs-goodies-el-35.2+nmu1/debian/changelog 2012-10-21 13:17:55.000000000 +0200
@@ -1,3 +1,13 @@
+emacs-goodies-el (35.2+nmu1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * No longer create /root/.gnupg during installation of gnus-bonus-el.
+ This is achieved by binding epg-gpg-home-directory to a temporary
+ directory during bytecode compilation (implementation in
+ debian/emacsen-install.template). (Closes: #689807)
+
+ -- Sébastien Villemot <sebast...@debian.org> Sun, 21 Oct 2012 11:30:47 +0200
+
emacs-goodies-el (35.2) unstable; urgency=low
[ Roland Mas ]
diff -Nru emacs-goodies-el-35.2/debian/emacsen-install.template emacs-goodies-el-35.2+nmu1/debian/emacsen-install.template
--- emacs-goodies-el-35.2/debian/emacsen-install.template 2010-01-07 04:24:14.000000000 +0100
+++ emacs-goodies-el-35.2+nmu1/debian/emacsen-install.template 2012-10-21 11:45:05.000000000 +0200
@@ -101,10 +101,22 @@
EOF
fi
+# Prevent epg from manipulating /root/.gnupg (#689807)
+if [ ${PACKAGE} = gnus-bonus-el ]; then
+ TMPGNUPGHOME=`mktemp -d --tmpdir gnupg.XXXXXXXXXX`
+ cat << EOF >> path.el
+(setq epg-gpg-home-directory "${TMPGNUPGHOME}")
+EOF
+fi
+
echo ${FLAVOR} ${FLAGS} ${FILES} >> ${LOG}
"${FLAVOR}" ${FLAGS} ${FILES} >> ${LOG} 2>&1
egrep -s -e "While compiling|\*\*" ${LOG} || /bin/true
echo install/${PACKAGE}: Deleting ${LOG}
rm -f path.el ${LOG}
+if [ ${PACKAGE} = gnus-bonus-el ]; then
+ rm -rf ${TMPGNUPGHOME}
+fi
+
exit 0
-- .''`. Sébastien Villemot : :' : Debian Developer `. `' http://www.dynare.org/sebastien `- GPG Key: 4096R/381A7594
pgpO1FqhXnTrN.pgp
Description: PGP signature
