Re: RFS: fsprotect (try #2)
Excerpts from Stefanos Harhalakis's message of mar abr 21 12:12:02 -0300 2009:
> > > I am looking for guidance and a sponsor for my package "fsprotect".
> > 1. why this package is a native package? i think a normal package
> > should be better
> It was also mentioned on the last thread so I omit that:
> fsprotect is 100% tied to a distribution. It cannot be an independent program
> that is packaged for debian or other distributions. The core functionality of
> fsprotect is provided by one init script and one initramfs script/hook and
> those are depending *very* much to the distribution. I.e the init script must
> run immediately after the filesystems are mounted and before anything else is
Anyway, it shouldn't be a native package, native packages need a new release
to fix anything (packaging, typos, etc), also need a full upload for every
change. It can be argued if there is any use for native packages anymore, and
probably there isn't. So, please, don't upload a native package.
> > 3. can you explain why you override the following lintian warnings
> > $ cat debian/fsprotect.lintian-overrides
> > fsprotect: non-standard-toplevel-dir fsprotect/
> > fsprotect: virtual-package-depends-without-real-package-depends
> > fsprotect: package-contains-empty-directory fsprotect/system/
> > fsprotect: package-contains-empty-directory fsprotect/tmp/
> fsprotect needs a directory under the root filesystem to preexist. Most
> probably it won't be used by normal users, so this won't be common. In IRC it
> was mentioned that it could should use /lib/fsprotect, but this directory is
> already used to store a helper script:
> -rwxr-xr-x 1 root root 1786 2009-03-22 17:32 /lib/fsprotect/fsprotect-protect
> and perhaps (in the future) hold other helper scripts too.
Why is the script in /lib/fsprotect? Shouldn't it be better if its simply
Why fsprotect needs to break the FHS?
> the /fsprotect directory will be used to mount filesystems inside it. 2 mounts
> per protected filesystem will exist in there.
> The /fsprotect/system and /fsprotect/tmp directories are required to pre-exist
> at the time initramfs mounts the root filesystem.
Then you might prefer to create those directories from a initramfs script.
Is it posible to make fsprotect run only as a script of initramfs?