Bug#562194: hplip: hp-plugin writes to /usr/share
Package: hplip
Version: 3.9.10-4
Severity: serious
Justification: Policy 9.1.1
hp-plugin downloads firmware and plugins into
/usr/share/hplip/data/{firmware,plugins}. To quote the FHS:
/var is specified here in order to make it possible to mount /usr
read-only. Everything that once went into /usr that is written to
during system operation (as opposed to installation and software
maintenance) must be in /var.
http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html#THEVARHIERARCHY
So those two directories break Policy 9.1.1. For instance, /usr could
be read-only when dpkg is not being used, as proposed in the Securing
Debian Manual.
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.9.2
So I propose that hp-plugin should be modified to download firmware to
/var/lib/hplip/data/{firmware,plugins} and symbolic links added in
/usr/share/hplip/data/. (I suspect the downloaded firmware is
variable data, anyway.) An alternative might be /var/cache ?
Thanks,
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages hplip depends on:
ii adduser 3.111 add and remove users and groups
ii coreutils 8.0-2 GNU core utilities
ii cups 1.4.1-5 Common UNIX Printing System(tm) -
ii cups-client 1.4.2-6 Common UNIX Printing System(tm) -
ii hplip-data 3.9.10-4 HP Linux Printing and Imaging - da
ii libc6 2.10.2-2 GNU C Library: Shared libraries
ii libcups2 1.4.2-6 Common UNIX Printing System(tm) -
ii libdbus-1-3 1.2.16-2 simple interprocess messaging syst
ii libsane 1.0.20-10 API library for scanners
ii libsnmp15 5.4.2.1~dfsg-5 SNMP (Simple Network Management Pr
ii libssl0.9.8 0.9.8k-7 SSL shared libraries
ii libusb-0.1-4 2:0.1.12-13 userspace USB programming library
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
ii policykit-1 0.95-1 framework for managing administrat
ii python 2.5.4-4 An interactive high-level object-o
ii python-dbus 0.83.0-1 simple interprocess messaging syst
ii python-imaging 1.1.7-1 Python Imaging Library
ii python-pexpect 2.3-1 Python module for automating inter
Versions of packages hplip recommends:
ii hplip-cups 3.9.10-4 HP Linux Printing and Imaging - CU
ii sane-utils 1.0.20-10 API library for scanners -- utilit
Versions of packages hplip suggests:
pn hplip-doc <none> (no description available)
pn hplip-gui <none> (no description available)
pn kdeprint | gtklp | xpp <none> (no description available)
pn openprinting-ppds <none> (no description available)
-- no debconf information
Reply to: