[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

statoverride implemented

I finished implementing statoverride in dpkg, and a dpkg-statoverride
tool to manage the new option.

A statoverride is a way to override the ownership and mode of objects
in the filesystem that are managed by dpkg (ie directories, files,
devices, etc.).

It works pretty much like a diversion: you register an override using
a tool (dpkg-statoverride), and dpkg will know what to do when it installs
a package.

This has an advantage over suidmanager: there is no longer a delay
between when a file is created, and when its status can be changed
in the postinst. This also means a slight change in how to use
this: in order to be really useful an override needs to be added
before the package is extracted. In other words it must be doing
in the preinst or debconf-stage.

It can of course also be done in the postinst, but then you will
still have a delay between extraction of the file and changing the

I'll attach the dpkg-statoverride manpage.


 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

DPKG-STATOVERRIDE(8)     dpkg utililties     DPKG-STATOVERRIDE(8)

       dpkg-statoverride -- override ownership and mode of files

       ddppkkgg--ssttaattoovveerrrriiddee  [options]  --add  <user> <group> <mode>
       ddppkkgg--ssttaattoovveerrrriiddee [options] --remove _<_f_i_l_e_>
       ddppkkgg--ssttaattoovveerrrriiddee [options] --list _[_<_g_l_o_b_-_p_a_t_t_e_r_n_>_]

       `ssttaatt oovveerrrriiddeess' are a way to tell dpkg to use a different
       owner  or  mode  for  a  file when a package is installed.
       (note: I use the word `file' here, but in reality this can
       be  any  filesystem  object  that  dpkg handles, including
       directories, devices, etc.).  This can be  used  to  force
       programs  that  are normall setuid to be install without a
       setuid flag, or only executable by a certain group.

       ddppkkgg--ssttaattoovveerrrriiddee is a utility to manager the list of stat
       overrides.  It has three basic functions: adding, removing
       and listing overrides.

       _-_-_a_d_d _<_u_s_e_r_> _<_g_r_o_u_p_> _<_m_o_d_e_> _<_f_i_l_e_>
              Add an override for <<ffiillee>>. The might does not need
              to  exist  at  this  moment,  the  override will be
              stored and used later.  Users  and  groups  can  be
              specified  by  their  name  (for  example  rroooott  or
              nnoobbooddyy), or by there number by prepending the  num-
              ber with a `##' (for example ##00 or ##6655553344).

       _-_-_r_e_m_o_v_e _<_f_i_l_e_>
              Remove an override for <<ffiillee>>.

       _-_-_l_i_s_t _[_<_g_l_o_b_-_p_a_t_t_e_r_n_>_]
              List  all overrides. If a glob pattern is specified
              restrict the output to overrides  which  match  the

              Force  an action, even if a sanity check would oth-
              erwise prohibit it.  This is necessary to  override
              an existing override.

              Immediately try to change the file to the new owner
              and mode if it  exists.   This  is  only  done  for

              Be less verbose about what we do.

       _-_-_h_e_l_p Show version, copyright and usage information.

Debian project              June 2000                           1

DPKG-STATOVERRIDE(8)     dpkg utililties     DPKG-STATOVERRIDE(8)

              Change the directory of the dpkg database where the
              statoverride  file  is  also  stored.  Defaults  to

              File  which contains the current list of stat over-
              rides of the system. It  is  located  in  the  dpkg
              administration  directory,  along  with other files
              important to dpkg, such as `status' or `available'.
              Note:  dpkg-statoverride  preserves the old copy of
              this file, with extension "-old", before  replacing
              it with the new one.


       Copyright 2000 Wichert Akkerman <wakkerma@debian.org>

       This  is free software; see the GNU General Public Licence
       version 2 or later for copying conditions.   There  is  NO

Debian project              June 2000                           2

Attachment: pgp7brxLeCtsR.pgp
Description: PGP signature

Reply to: