Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-04-16 Thread Constanze Hausner
> > I'd take a different approach here; this code basically assumes that > > the PM knows of it- note the chmod -s. The use flag protection you > > tried adding, without some profile hacks, is user modifiable- meaning > > users can flip it on even if the PM doesn't support it. > > > > Or consi

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-07 Thread Michał Górny
On Mon, 7 Mar 2011 03:40:23 -0800 Brian Harring wrote: > On Mon, Mar 07, 2011 at 09:44:47AM +0100, Michał Górny wrote: > > This should help with all the issues mentioned, including binpkg > > support. Moreover, user could use the tool manually to restore/reset > > filecaps if they were lost or

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-07 Thread Brian Harring
On Mon, Mar 07, 2011 at 09:44:47AM +0100, Michał Górny wrote: > On Sun, 6 Mar 2011 17:34:29 +0100 > Constanze Hausner wrote: > > > On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: > > > * some filesystems don't support xattrs at all, and the package > > > manager needs to support installing to

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-07 Thread Michał Górny
On Sun, 6 Mar 2011 17:34:29 +0100 Constanze Hausner wrote: > On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: > > * some filesystems don't support xattrs at all, and the package > > manager needs to support installing to them, even if the user is > > building on a filesystem that does support it

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-06 Thread Brian Harring
On Sun, Mar 06, 2011 at 05:34:29PM +0100, Constanze Hausner wrote: > On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: > > * tar and xattrs is a massive problem, so how do binaries work? > tar can be patched to support xattrs. If we want to use caps, we will > have to apply those patches too. (iirc

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-06 Thread Constanze Hausner
On 03:01 Sun 06 Mar , Brian Harring wrote: [snip] Thanks for your feedback, your remarks were correct :). I updated the eclass appropriately. > I'd take a different approach here; this code basically assumes that > the PM knows of it- note the chmod -s. The use flag protection you > tried a

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-06 Thread Constanze Hausner
On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: > On Sat, 5 Mar 2011 18:41:46 +0100 > Constanze Hausner wrote: > > > You're requiring special package manager behaviour if that flag is > > > set? > > > > I'm requiring, that the package manager preserves the xattrs, when > > stripping the binary a

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-06 Thread Brian Harring
On Sat, Mar 05, 2011 at 02:24:22PM +0100, Constanze Hausner wrote: > fcaps() { > debug-print-function ${FUNCNAME} "$@" > debug-print "${FUNCNAME}: Trying to set capabilities for ${4}" > local uid_gid=$1 > local perms=$2 > export fallbackFileMode=$perms > local ca

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-05 Thread Ciaran McCreesh
On Sat, 5 Mar 2011 18:41:46 +0100 Constanze Hausner wrote: > > You're requiring special package manager behaviour if that flag is > > set? > > I'm requiring, that the package manager preserves the xattrs, when > stripping the binary and when moving it from the sandbox to the > live-fs. Currently

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-05 Thread Constanze Hausner
On 17:15 Sat 05 Mar , Ciaran McCreesh wrote: > On Sat, 5 Mar 2011 14:24:22 +0100 > Constanze Hausner wrote: > > It uses a new global use-flag (filecaps) so it wouldn't collide with > > the caps use-flag and the corresponding old handling of file-caps. > > You're requiring special package mana

Re: [gentoo-dev] eclass for handling of file-based capabilities

2011-03-05 Thread Ciaran McCreesh
On Sat, 5 Mar 2011 14:24:22 +0100 Constanze Hausner wrote: > It uses a new global use-flag (filecaps) so it wouldn't collide with > the caps use-flag and the corresponding old handling of file-caps. You're requiring special package manager behaviour if that flag is set? -- Ciaran McCreesh sig

[gentoo-dev] eclass for handling of file-based capabilities

2011-03-05 Thread Constanze Hausner
Hello, last GSoC I developed an eclass for the handling of file-based capabilities [1]. One should be able to set file-caps for the binary from the src_install phase. The eclass handles the setting of the caps and also applies a fallback file-mode, if the caps-setting goes wrong. I would be happy