1 |
Marius Mauch wrote: |
2 |
> Mike Frysinger <vapier@g.o> wrote: |
3 |
>> mayhaps we need a new function to be run in src_install() to label |
4 |
>> files as "sensitive" ... so baselayout would do: |
5 |
>> esosensitive /etc/{fstab,group,passwd,shadow} |
6 |
>> and then we expand the format of CONTENTS in the vdb: |
7 |
>> priv /etc/fstab <hash> <mtime> |
8 |
> |
9 |
> And what would be phase 2 of that? Just having a new filetype |
10 |
> in CONTENTS doesn't accomplish anything by itself ... |
11 |
> |
12 |
I imagine the tools need updating to deal with that (especially quickpkg |
13 |
etc.) Of course this needs to be tested thoroughly from a security pov, and |
14 |
admins may well decide they don't like the idea (after all a professional |
15 |
is going to have their own backup procedures in place already.) If you're |
16 |
adding a priv field, tho, you might as well make it a generic attributes |
17 |
field imo. Not sure what uses you can come up with, but rcs integration |
18 |
springs to mind. |
19 |
|
20 |
On a wider note, how difficult are these sorts of changes to implement? Only |
21 |
we were discussing a satisfiedBy addition to refine system updates on |
22 |
#-portage (something to do with slots, unversioned deps and --depclean, but |
23 |
I couldn't really follow it all) and that would require change in vdb as |
24 |
well, which I was told needed an EAPI bump. So, if y'all are discussing vdb |
25 |
changes for EAPI=1 (which aiui is needed yesterday ;) I for one would love |
26 |
to know what other changes devs would like to see. |
27 |
|
28 |
|
29 |
-- |
30 |
gentoo-dev@g.o mailing list |