32832 2016-12-01 05:22:42 +0300 Нарушает ALT Secure Packaging Policy 2016-12-01 10:12:46 +0300 1 1 4 Development Sisyphus snort unstable all Linux NEW https://www.altlinux.org/Secure_Packaging_Policy P3 blocker --- 1 evg sem aen oddity sem qa-sisyphus oldest_to_newest 160345 0 evg 2016-12-01 05:22:42 +0300 Пакет нарушает ALT Secure Packaging Policy, на что ежедневно в почту жалуется logrotate (3.9.1-alt2 и выше): =8<======================================================================= error: skipping "/var/log/snort/snort.log.1480503381" because parent directory has insecure permissions (it's group writable and has no sticky bit set); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480496531" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480497478" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480498666" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480498719" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480499917" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480500364" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth0/snort.u2.1480503469" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth1/snort.u2.1480500364" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. error: skipping "/var/log/snort/eth1/snort.u2.1480503469" because parent directory has insecure permissions (it's not owned by "root"); consider using "su" directive in config file to tell logrotate which user/group should be used for rotation. =8<======================================================================= Полиси гласит: =8<======================================================================= Пакеты не должны содержать каталоги, принадлежащие псевдо-пользователям. Вместо этого следует использовать каталоги, принадлежащие root, с установленным sticky bit и доступом группы по записи. =8<======================================================================= P.S.: предыстория здесь: https://bugzilla.altlinux.org/show_bug.cgi?id=31623 P.P.S.: согласно определению ldv в багтрекере, пакеты нарушающие SPP это блокер для выпуска продуктов, основанных на сизифе (цитата не дословная).