[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFS: fsprotect (try #2)


On Tuesday 21 April 2009, LI Daobing wrote:
> 2009/4/21 Stefanos Harhalakis <v13@v13.gr>:
> > I am looking for guidance and a sponsor for my package "fsprotect".
> 1. why this package is a native package? i think a normal package
> should be better

It was also mentioned on the last thread so I omit that:

fsprotect is 100% tied to a distribution. It cannot be an independent program 
that is packaged for debian or other distributions. The core functionality of 
fsprotect is provided by one init script and one initramfs script/hook and 
those are depending *very* much to the distribution. I.e the init script must 
run immediately after the filesystems are mounted and before anything else is 

> 2. one lintian warning:
> W: fsprotect source: out-of-date-standards-version 3.8.0 (current is 3.8.1)

Thanks. I'll fix this.

> 3. can you explain why you override the following lintian warnings
> $ cat debian/fsprotect.lintian-overrides
> fsprotect: non-standard-toplevel-dir fsprotect/
> fsprotect: virtual-package-depends-without-real-package-depends
> fsprotect: package-contains-empty-directory fsprotect/system/
> fsprotect: package-contains-empty-directory fsprotect/tmp/

fsprotect needs a directory under the root filesystem to preexist. Most 
probably it won't be used by normal users, so this won't be common. In IRC it 
was mentioned that it could should use /lib/fsprotect, but this directory is 
already used to store a helper script:

-rwxr-xr-x 1 root root 1786 2009-03-22 17:32 /lib/fsprotect/fsprotect-protect

and perhaps (in the future) hold other helper scripts too.

the /fsprotect directory will be used to mount filesystems inside it. 2 mounts 
per protected filesystem will exist in there.

The /fsprotect/system and /fsprotect/tmp directories are required to pre-exist 
at the time initramfs mounts the root filesystem.

Until now I didn't have a definitive answer regarding the proper location of 
that directory. I've also asked debian-devel some time ago about that but got 
no answer.

> especially any good reason to override this warning:
> virtual-package-depends-without-real-package-depends?

Yes.fsprotect uses aufs. It isn't a good idea to depend on packages like this 
one: aufs-modules-2.6.29-v2-v (which for example, is the module compiled for 
the custom kernel of my system). I've made fsprotect depend on aufs-modules 
which is provided my aufs-modules-* packages. I believe you understand that it 
isn't possible to depend on a specific modules version.

Thanks for the immediate feedback. If you don't have any other comments, I'll 
upload the new version (with standards 3.8.1) to mentors.

Reply to: