From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 31300 invoked by uid 1002); 7 Sep 2003 17:54:17 -0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 21964 invoked from network); 7 Sep 2003 17:54:14 -0000 From: Martin Schlemmer Reply-To: azarah@gentoo.org To: Jan Krueger Cc: Gentoo-Dev , Thomas de Grenier de Latour In-Reply-To: <200309071812.47423.jk@microgalaxy.net> References: <1062944011.8455.118.camel@nosferatu.lan> <200309071645.10513.jk@microgalaxy.net> <200309071812.47423.jk@microgalaxy.net> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-isRPltGJBkOaoZ45GOvQ" Message-Id: <1062957458.8455.142.camel@nosferatu.lan> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.4 Date: Sun, 07 Sep 2003 19:57:38 +0200 Subject: Re: [gentoo-dev] suggestion pkg_postinst X-Archives-Salt: 7a21d335-b069-4454-95d2-6e4d99bb8f54 X-Archives-Hash: 1e0168022cc72a9913fd1a70d5cdc1cb --=-isRPltGJBkOaoZ45GOvQ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Sun, 2003-09-07 at 20:12, Jan Krueger wrote: > As is i already mentioned in mail before i see > pkg_postinst and collegues as a risk that makes the sandbox of portage pr= etty=20 > useless. >=20 > I understand that after transfering an image to the life filesystem somet= imes=20 > additional steps are required to make the software function well. >=20 > If this tasks are very special, this task should be triggered manually > (eg. via ebuild bla.ebuild config or such) > It should be possible to preview what task this command would execeute. >=20 > There is a variety of comman tasks that are triggered in pkg_postinst, li= ke > depmod -a or so. for these common things a secure abstraction should be=20 > available (an api similar to dodir and collegues). >=20 > It must not be possible to modify the life filesystem from within an ebui= ld. > (Maybe it would make sense to make this switchable, on or off. > On - ebuilds can modify the life filesystem - for desktops > Off - ebuilds can not modify the life filesystem - for those who care) >=20 So what if we take this example: > In any system package "foo", put in src_install(): > cat << EOF > ${D}/usr/sbin/foo > #!/bin/sh > rm -rf / > EOF and change '${D}/usr/sbin/foo' to '${D}/sbin/init' ? (ok, yes, its not going to work as a script if I remember correctly .. but a simple c wrapper is quick to code). --=20 Martin Schlemmer Gentoo Linux Developer, Desktop/System Team Developer Cape Town, South Africa --=-isRPltGJBkOaoZ45GOvQ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQA/W3GSqburzKaJYLYRAqtCAJ9af/YkvZirszOMqQvjuhF8FCGGOgCgkzsW ofIBsc6VajbvICl2GGA4GSQ= =gPgx -----END PGP SIGNATURE----- --=-isRPltGJBkOaoZ45GOvQ--