I finished implementing statoverride in dpkg, and a dpkg-statoverride tool to manage the new option. A statoverride is a way to override the ownership and mode of objects in the filesystem that are managed by dpkg (ie directories, files, devices, etc.). It works pretty much like a diversion: you register an override using a tool (dpkg-statoverride), and dpkg will know what to do when it installs a package. This has an advantage over suidmanager: there is no longer a delay between when a file is created, and when its status can be changed in the postinst. This also means a slight change in how to use this: in order to be really useful an override needs to be added before the package is extracted. In other words it must be doing in the preinst or debconf-stage. It can of course also be done in the postinst, but then you will still have a delay between extraction of the file and changing the ownership/filemode. I'll attach the dpkg-statoverride manpage. Wichert. -- ________________________________________________________________ / Generally uninteresting signature - ignore at your convenience \ | wichert@liacs.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
DPKG-STATOVERRIDE(8) dpkg utililties DPKG-STATOVERRIDE(8)
NNAAMMEE
dpkg-statoverride -- override ownership and mode of files
SSYYNNOOPPSSIISS
ddppkkgg--ssttaattoovveerrrriiddee [options] --add <user> <group> <mode>
_<_f_i_l_e_>
ddppkkgg--ssttaattoovveerrrriiddee [options] --remove _<_f_i_l_e_>
ddppkkgg--ssttaattoovveerrrriiddee [options] --list _[_<_g_l_o_b_-_p_a_t_t_e_r_n_>_]
DDEESSCCRRIIPPTTIIOONN
`ssttaatt oovveerrrriiddeess' are a way to tell dpkg to use a different
owner or mode for a file when a package is installed.
(note: I use the word `file' here, but in reality this can
be any filesystem object that dpkg handles, including
directories, devices, etc.). This can be used to force
programs that are normall setuid to be install without a
setuid flag, or only executable by a certain group.
ddppkkgg--ssttaattoovveerrrriiddee is a utility to manager the list of stat
overrides. It has three basic functions: adding, removing
and listing overrides.
OOPPTTIIOONNSS
_-_-_a_d_d _<_u_s_e_r_> _<_g_r_o_u_p_> _<_m_o_d_e_> _<_f_i_l_e_>
Add an override for <<ffiillee>>. The might does not need
to exist at this moment, the override will be
stored and used later. Users and groups can be
specified by their name (for example rroooott or
nnoobbooddyy), or by there number by prepending the num-
ber with a `##' (for example ##00 or ##6655553344).
_-_-_r_e_m_o_v_e _<_f_i_l_e_>
Remove an override for <<ffiillee>>.
_-_-_l_i_s_t _[_<_g_l_o_b_-_p_a_t_t_e_r_n_>_]
List all overrides. If a glob pattern is specified
restrict the output to overrides which match the
glob.
_-_-_f_o_r_c_e
Force an action, even if a sanity check would oth-
erwise prohibit it. This is necessary to override
an existing override.
_-_-_u_p_d_a_t_e
Immediately try to change the file to the new owner
and mode if it exists. This is only done for
_-_-_a_d_d.
_-_-_q_u_i_e_t
Be less verbose about what we do.
_-_-_h_e_l_p Show version, copyright and usage information.
Debian project June 2000 1
DPKG-STATOVERRIDE(8) dpkg utililties DPKG-STATOVERRIDE(8)
_-_-_a_d_m_i_n_d_i_r
Change the directory of the dpkg database where the
statoverride file is also stored. Defaults to
/var/lib/dpkg.
FFIILLEESS
_/_v_a_r_/_l_i_b_/_d_p_k_g_/_s_t_a_t_o_v_e_r_r_i_d_e
File which contains the current list of stat over-
rides of the system. It is located in the dpkg
administration directory, along with other files
important to dpkg, such as `status' or `available'.
Note: dpkg-statoverride preserves the old copy of
this file, with extension "-old", before replacing
it with the new one.
SSEEEE AALLSSOO
ddppkkgg(8)
AAUUTTHHOORR
Copyright 2000 Wichert Akkerman <wakkerma@debian.org>
This is free software; see the GNU General Public Licence
version 2 or later for copying conditions. There is NO
warranty.
Debian project June 2000 2
Attachment:
pgpftqedbCefP.pgp
Description: PGP signature