Hi,
during evaluation of open-vm-tools (switching from VMwareTools RPM) I ran into the problem, that the open-vm-tools function set uses /usr/bin/lsb_release for detecting the release of RHEL/CentOS. Technically it calls only "lsb_release --release --short" for retrieving major and minor versions.
A missing /usr/bin/lsb_release prevents /etc/init.d/vmware-tools from loading the kernel modules vmmemctl and vmxnet
Use of lsb_release is a standard way, but on stripped systems, redhat-lsb (which contains /usr/bin/lsb_release) is not installed, because this RPM has a lot of dependencies, which usually nobody want to have installed on stripped systems, like:
===================================================================================================================================================================================
Package Arch Version Repository Size
===================================================================================================================================================================================
Installing:
redhat-lsb i386 3.1-12.3.EL.el5.centos centos5-base-i386 21 k
Installing for dependencies:
avahi i386 0.6.16-1.el5_2.1 centos5-updates-i386 250 k
avahi-compat-libdns_sd i386 0.6.16-1.el5_2.1 centos5-updates-i386 22 k
bc i386 1.06-21 centos5-base-i386 105 k
binutils i386 2.17.50.0.6-9.el5 centos5-base-i386 2.9 M
cairo i386 1.2.4-5.el5 centos5-base-i386 394 k
cups i386 1:1.3.7-8.el5_3.6 centos5-updates-i386 3.4 M
cups-libs i386 1:1.3.7-8.el5_3.6 centos5-updates-i386 193 k
fontconfig i386 2.4.1-7.el5 centos5-base-i386 174 k
freetype i386 2.2.1-21.el5_3 centos5-updates-i386 310 k
gettext i386 0.14.6-4.el5 centos5-base-i386 1.4 M
libICE i386 1.0.1-2.1 centos5-base-i386 54 k
libSM i386 1.0.1-3.1 centos5-base-i386 27 k
libX11 i386 1.0.3-9.el5 centos5-base-i386 795 k
libXau i386 1.0.1-3.1 centos5-base-i386 18 k
libXdmcp i386 1.0.1-2.1 centos5-base-i386 19 k
libXext i386 1.0.1-2.1 centos5-base-i386 35 k
libXft i386 2.1.10-1.1 centos5-base-i386 44 k
libXi i386 1.0.1-3.1 centos5-base-i386 25 k
libXrender i386 0.9.1-3.1 centos5-base-i386 27 k
libXt i386 1.0.2-3.1.fc6 centos5-base-i386 175 k
libXxf86vm i386 1.0.1-3.1 centos5-base-i386 14 k
libdaemon i386 0.10-5.el5 centos5-base-i386 24 k
libdrm i386 2.0.2-1.1 centos5-base-i386 19 k
libjpeg i386 6b-37 centos5-base-i386 139 k
libpng i386 2:1.2.10-7.1.el5_3.2 centos5-updates-i386 241 k
libtiff i386 3.8.2-7.el5_3.4 centos5-updates-i386 306 k
m4 i386 1.4.5-3.el5.1 centos5-base-i386 133 k
make i386 1:3.81-3.el5 centos5-base-i386 466 k
mesa-libGL i386 6.5.1-7.7.el5 centos5-base-i386 9.7 M
pango i386 1.14.9-5.el5.centos centos5-updates-i386 335 k
paps i386 0.6.6-18.el5 centos5-base-i386 32 k
pax i386 3.4-1.2.2 centos5-base-i386 63 k
time i386 1.7-27.2.2 centos5-base-i386 16 k
xorg-x11-filesystem noarch 7.1-2.fc6 centos5-base-i386 5.4 k
Transaction Summary
===================================================================================================================================================================================
Install 35 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
avahi and cups should not exist on a hardened system, also the X-libraries were not expected to be installed, especially, when "open-vm-tools-nox" is installed...
Imho, use of /usr/bin/lsb_release is a overkill and can be done much easier in a simple script by reading /etc/redhat-release like some other release detection method also working.
At least for RHEL 5.4, following is working well:
cat /etc/redhat-release | sed 's/.* \(\.[0-9]\) .*/\1/'
lsb_release is used here:
grep lsb_release -r /usr/lib/vmware-tools/
/usr/lib/vmware-tools/functions: local version=`lsb_release --release --short`
/usr/lib/vmware-tools/functions: local version=`lsb_release --release --short`
/usr/lib/vmware-tools/functions: # if lsb_release includes minor version, use that
/usr/lib/vmware-tools/functions: lsb_release --release --short | tr --delete "."
/usr/lib/vmware-tools/install/open-vm-tools-kmod/functions: local version=`lsb_release --release --short`
/usr/lib/vmware-tools/install/open-vm-tools-kmod/functions: local version=`lsb_release --release --short`
/usr/lib/vmware-tools/install/open-vm-tools-kmod/functions: # if lsb_release includes minor version, use that
/usr/lib/vmware-tools/install/open-vm-tools-kmod/functions: lsb_release --release --short | tr --delete "."
I suggest to replace lsb_release either by a simple script or take a copy of the code (/usr/bin/lsb_release is also a shell script) and include the important parts.
Note: unfortunatelly, the open-vm-tools function are called using /bin/sh, therefore overloading this function by e.g. a /etc/profile.d scriptlet also not worked
Only existing workaround: store a copy of lsb_release into /usr/bin
BTW: if use of /usr/bin/lsb_release stays, at least this important requirement needs to be specified in the RPM, either
Requires: redhat-lsb
or
Requires: /usr/bin/lsb_release
Peter