Re: RFS: fsprotect (try #2)
Hello,
On Tuesday 21 April 2009, LI Daobing wrote:
> 2009/4/21 Stefanos Harhalakis <v13@v13.gr>:
> > I am looking for guidance and a sponsor for my package "fsprotect".
> 1. why this package is a native package? i think a normal package
> should be better
It was also mentioned on the last thread so I omit that:
fsprotect is 100% tied to a distribution. It cannot be an independent program
that is packaged for debian or other distributions. The core functionality of
fsprotect is provided by one init script and one initramfs script/hook and
those are depending *very* much to the distribution. I.e the init script must
run immediately after the filesystems are mounted and before anything else is
ran.
> 2. one lintian warning:
> W: fsprotect source: out-of-date-standards-version 3.8.0 (current is 3.8.1)
Thanks. I'll fix this.
> 3. can you explain why you override the following lintian warnings
> $ cat debian/fsprotect.lintian-overrides
> fsprotect: non-standard-toplevel-dir fsprotect/
> fsprotect: virtual-package-depends-without-real-package-depends
> fsprotect: package-contains-empty-directory fsprotect/system/
> fsprotect: package-contains-empty-directory fsprotect/tmp/
fsprotect needs a directory under the root filesystem to preexist. Most
probably it won't be used by normal users, so this won't be common. In IRC it
was mentioned that it could should use /lib/fsprotect, but this directory is
already used to store a helper script:
-rwxr-xr-x 1 root root 1786 2009-03-22 17:32 /lib/fsprotect/fsprotect-protect
and perhaps (in the future) hold other helper scripts too.
the /fsprotect directory will be used to mount filesystems inside it. 2 mounts
per protected filesystem will exist in there.
The /fsprotect/system and /fsprotect/tmp directories are required to pre-exist
at the time initramfs mounts the root filesystem.
Until now I didn't have a definitive answer regarding the proper location of
that directory. I've also asked debian-devel some time ago about that but got
no answer.
> especially any good reason to override this warning:
> virtual-package-depends-without-real-package-depends?
Yes.fsprotect uses aufs. It isn't a good idea to depend on packages like this
one: aufs-modules-2.6.29-v2-v (which for example, is the module compiled for
the custom kernel of my system). I've made fsprotect depend on aufs-modules
which is provided my aufs-modules-* packages. I believe you understand that it
isn't possible to depend on a specific modules version.
Thanks for the immediate feedback. If you don't have any other comments, I'll
upload the new version (with standards 3.8.1) to mentors.
Reply to: