* [gentoo-dev] [RFC] Renaming the caps USE flag to libcap
@ 2008-03-06 20:56 Diego 'Flameeyes' Pettenò
2008-03-07 14:34 ` [gentoo-dev] " Tiziano Müller
0 siblings, 1 reply; 3+ messages in thread
From: Diego 'Flameeyes' Pettenò @ 2008-03-06 20:56 UTC (permalink / raw
To: gentoo-dev
I'd like to propose the rename of caps USE flag to libcap. The reason
for this is that I'd like to free the "caps" USE flag from the (runtime)
dependency of libcap, so that, one we have the framework to do so, we
could use the "caps' USE flag to set file capabilities directly (rather
than setuid for instance).
The step right afterward would be, for me, to find a way to mirror the
capabilities from within Portage. I admit I have no clue how to achieve
that for now. But at least the rename is a simple task, and I suppose
the capabilities handling _could_ be a SoC project...
--
Diego "Flameeyes" Pettenò
http://blog.flameeyes.eu/
--
gentoo-dev@lists.gentoo.org mailing list
^ permalink raw reply [flat|nested] 3+ messages in thread
* [gentoo-dev] Re: [RFC] Renaming the caps USE flag to libcap
2008-03-06 20:56 [gentoo-dev] [RFC] Renaming the caps USE flag to libcap Diego 'Flameeyes' Pettenò
@ 2008-03-07 14:34 ` Tiziano Müller
2008-03-07 16:12 ` Diego 'Flameeyes' Pettenò
0 siblings, 1 reply; 3+ messages in thread
From: Tiziano Müller @ 2008-03-07 14:34 UTC (permalink / raw
To: gentoo-dev
Diego 'Flameeyes' Pettenò wrote:
>
> I'd like to propose the rename of caps USE flag to libcap. The reason
> for this is that I'd like to free the "caps" USE flag from the (runtime)
> dependency of libcap, so that, one we have the framework to do so, we
> could use the "caps' USE flag to set file capabilities directly (rather
> than setuid for instance).
As an example: the pwsafe app suggest you have to run it suid (since it
tries to lock some memory to avoid swapping), but doing 'setcap
cap_ipc_lock=ep /usr/bin/pwsafe' is enough.
> The step right afterward would be, for me, to find a way to mirror the
> capabilities from within Portage. I admit I have no clue how to achieve
> that for now. But at least the rename is a simple task, and I suppose
> the capabilities handling _could_ be a SoC project...
Well, I'm not sure whether libcap is a good choice: What about
(not-yet-existing) apps which provide capability-support through another
package (like a foobar language libcap-wrapper)? Should they also use
libcap then?
--
gentoo-dev@lists.gentoo.org mailing list
^ permalink raw reply [flat|nested] 3+ messages in thread
* [gentoo-dev] Re: [RFC] Renaming the caps USE flag to libcap
2008-03-07 14:34 ` [gentoo-dev] " Tiziano Müller
@ 2008-03-07 16:12 ` Diego 'Flameeyes' Pettenò
0 siblings, 0 replies; 3+ messages in thread
From: Diego 'Flameeyes' Pettenò @ 2008-03-07 16:12 UTC (permalink / raw
To: gentoo-dev
Tiziano Müller <dev-zero@gentoo.org> writes:
> Well, I'm not sure whether libcap is a good choice: What about
> (not-yet-existing) apps which provide capability-support through another
> package (like a foobar language libcap-wrapper)? Should they also use
> libcap then?
Uhm, good point. What about fscaps for the other case then? Or filecaps?
--
Diego "Flameeyes" Pettenò
http://blog.flameeyes.eu/
--
gentoo-dev@lists.gentoo.org mailing list
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-03-07 16:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-03-06 20:56 [gentoo-dev] [RFC] Renaming the caps USE flag to libcap Diego 'Flameeyes' Pettenò
2008-03-07 14:34 ` [gentoo-dev] " Tiziano Müller
2008-03-07 16:12 ` Diego 'Flameeyes' Pettenò
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox