<div class="gmail_quote">On Fri, Feb 20, 2009 at 2:00 PM, Panu Matilainen <span dir="ltr"><<a href="mailto:pmatilai@laiskiainen.org">pmatilai@laiskiainen.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, 19 Feb 2009, devzero2000 wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
On Thu, Feb 19, 2009 at 12:03 AM, Jennis Pruett <<a href="mailto:jennyp@lanl.gov" target="_blank">jennyp@lanl.gov</a>> wrote:<br>
> I am not allowed "root" on any system, but we build rpms to<br>
> give to our sysadmins.<br>
><br>
> My problem: Using my .spec file, I create rpms.<br>
> But I can't find any way to test what will happen when the rpm<br>
> is obsolete and the systems folks have to do the rpm -e rpm_that_I<br>
> built_at_one_time_in_antoher_life.rpm<br>
><br>
><br>
> I can cpio the rpm, and use the rpm -qip to check it. But there is no<br>
way<br>
> that I know<br>
> of, to verify that the erasure will actually remove everything.<br>
</blockquote>
<br></div>
Well, generally rpm removes what it knows about. If you're creating files from %post and such, try to move that to the package contents. Or if not possible, make %ghost files of anything that you expect to get created either in scriptlets or software runtime.<div class="Ih2E3d">
<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> Anyone have an idea?<br>
><br>
> Thanks,<br>
> J<br>
<br>
Use a chroot. Most also build in a chroot<br>
<a href="http://fedoraproject.org/wiki/Projects/Mock" target="_blank">http://fedoraproject.org/wiki/Projects/Mock</a><br>
</blockquote>
<br></div>
Yup, except chroot needs root privilege which is not available here:<div class="Ih2E3d"></div></blockquote><div><br>I ask my sysadm to create a chroot for a user (o for myself ) - i hope that it is possible to ask something to the sysadmin - telling it to use pam_chroot for this username. So no root priv are necessary for that user. For accessing the machine from ssh it is necessary disable ssh privilege separation but IMHO it is not a problem for a development env. This is what i have done in the past . In the future probably i try pam_namespace and the linux shared subtree.<br>
JMHO<br> <br><br></div></div><br>