[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#580078: lintian: false positive for "init.d-script-missing-dependency-on-remote_fs /etc/init.d/cryptdisks: required start/stop"



Raphael Geissert <geissert@debian.org> writes:
> Jonas Meurer wrote:

>> cryptdisks and cryptdisks-early initscripts both need to be started
>> before any (non-root) filesystem is mounted. still, i added a check for
>> /usr/bin/id in the initscripts in order to warn normal users that they
>> need root privileges when they execute the initscript.

> First of all I'm curious as to why you are adding that check. Only a
> few, rare, init scripts do that.

> I'm actually surprised that policy doesn't say a word about this. I
> don't think there's any reason to introduce such a technical blockage
> (that can be bypassed until the point where the special privileges are
> actually needed.)

> Russ, what do you think? (with your policy hat on :)

I agree, and I see Jonas is already convinced.  I'm not sure that the
capabilities system is usable enough that anyone would do this right now,
but it should be possible to grant a non-root user the capabilities to run
particular init scripts and there may be some times when that's more
useful than using sudo.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>



Reply to: