| |
rpm id |
test |
Status |
message |
 |
xCAT-server-2.5.1-alt0.4.2.noarch |
init-but-no-native-systemd |
info |
The package have SysV init script(s) but no native systemd files. |
 |
xCAT-server-2.5.1-alt0.4.2.noarch |
init-lsb |
fail |
/etc/rc.d/init.d/xcatd: not systemd compatible: lsb init header missing and xcatd.service is not present. See http://www.altlinux.org/Services_Policy for details. |
|
xCAT-server-2.5.1-alt0.4.2.noarch |
missing-url |
info |
Missing Url: in a package. |
|
xCAT-server-2.5.1-alt0.4.2.noarch |
unsafe-tmp-usage-in-scripts |
fail |
The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/share/xcat/netboot/add-on/autogpfs/autogpfsd.pl: $ grep -A5 -B5 /tmp/ /usr/share/xcat/netboot/add-on/autogpfs/autogpfsd.pl openlog('autogpfsd','','local0'); syslog($type,$msg); closelog(); #no syslog hack system("(date;echo : $type $msg) >>/tmp/autogpfsd.log"); } END { unlink PIDFILE if $$ == $pid; } |