From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 33EB21386A8 for ; Sat, 26 Jan 2013 10:17:46 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7E40EE0534; Sat, 26 Jan 2013 10:17:42 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 92863E0495 for ; Sat, 26 Jan 2013 10:17:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id BF45233DB71 for ; Sat, 26 Jan 2013 10:17:40 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -1.326 X-Spam-Level: X-Spam-Status: No, score=-1.326 tagged_above=-999 required=5.5 tests=[AWL=-1.323, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from smtp.gentoo.org ([IPv6:::ffff:127.0.0.1]) by localhost (smtp.gentoo.org [IPv6:::ffff:127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k5FRcI9Utxky for ; Sat, 26 Jan 2013 10:17:35 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2BFBB33DB59 for ; Sat, 26 Jan 2013 10:17:34 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Tz2pU-0007C3-HY for gentoo-dev@gentoo.org; Sat, 26 Jan 2013 11:17:44 +0100 Received: from ip68-231-22-224.ph.ph.cox.net ([68.231.22.224]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Jan 2013 11:17:44 +0100 Received: from 1i5t5.duncan by ip68-231-22-224.ph.ph.cox.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Jan 2013 11:17:44 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Duncan <1i5t5.duncan@cox.net> Subject: [gentoo-dev] Re: fcaps.eclass: bringing filesystem capabilities to the tree Date: Sat, 26 Jan 2013 10:17:16 +0000 (UTC) Message-ID: References: <201301251851.45021.vapier@gentoo.org> <1359159053.32487.4.camel@kanae> <201301260246.12861.vapier@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: ip68-231-22-224.ph.ph.cox.net User-Agent: Pan/0.140 (Chocolate Salty Balls; GIT 09d34ae /usr/src/portage/src/egit-src/pan2) X-Archives-Salt: e59a77ad-e269-464e-9b70-d73ea6041d6e X-Archives-Hash: 2fe1aac0c624bfa90192a88b24e38465 Mike Frysinger posted on Sat, 26 Jan 2013 02:46:12 -0500 as excerpted: > if the package supports USE=caps, then it means the program is > intelligent enough to know what capabilities it needs and so it can drop > all of the rest before executing the main body of code. > wouldn't it be nice if you could set the required capabilities on a > binary and drop the set*id entirely ? that's what USE=filecaps gets us. Very useful summary. Thanks. =:^) I had all the pieces from various reading, but they were more in a heap than assembled, and just the other day I was trying to assemble them into something coherent (triggered by this thread, IIRC), but discovered I still needed a bit of help. This was exactly what I needed for the accumulated information to all fall into place! Thanks again! =:^) -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman