1 |
On Wednesday 20 June 2007, Petteri Räty wrote: |
2 |
> Mike Frysinger kirjoitti: |
3 |
> > On Wednesday 20 June 2007, Marius Mauch wrote: |
4 |
> >> Mike Frysinger <vapier@g.o> wrote: |
5 |
> >>> mayhaps we need a new function to be run in src_install() to label |
6 |
> >>> files as "sensitive" ... so baselayout would do: |
7 |
> >>> esosensitive /etc/{fstab,group,passwd,shadow} |
8 |
> >>> and then we expand the format of CONTENTS in the vdb: |
9 |
> >>> priv /etc/fstab <hash> <mtime> |
10 |
> >> |
11 |
> >> And what would be phase 2 of that? Just having a new filetype |
12 |
> >> in CONTENTS doesn't accomplish anything by itself ... |
13 |
> > |
14 |
> > updating any tool that creates binary packages from the live $ROOT of |
15 |
> > course silly billy |
16 |
> > |
17 |
> > current behavior: |
18 |
> > # quickpkg baselayout |
19 |
> > * Building package for sys-apps/baselayout-1.12.10-r4 |
20 |
> > * Packages now in '/usr/portage/pacakges': |
21 |
> > * sys-apps/baselayout-1.12.10-r4: 307K |
22 |
> > |
23 |
> > proposed new behavior (exact output here is not part of the discussion so |
24 |
> > dont nit pick it): |
25 |
> > # quickpkg baselayout |
26 |
> > * Building package for sys-apps/baselayout-1.12.10-r4 |
27 |
> > * Skipping sensitive file: /etc/passwd |
28 |
> > * Skipping sensitive file: /etc/shadow |
29 |
> > * Skipping sensitive file: /etc/group |
30 |
> > * Packages now in '/usr/portage/pacakges': |
31 |
> > * sys-apps/baselayout-1.12.10-r4: 307K |
32 |
> > # quickpkg --iamsensitive baselayout |
33 |
> > * Building package for sys-apps/baselayout-1.12.10-r4 |
34 |
> > * Including sensitive file: /etc/passwd |
35 |
> > * Including sensitive file: /etc/shadow |
36 |
> > * Including sensitive file: /etc/group |
37 |
> > * Packages now in '/usr/portage/pacakges': |
38 |
> > * sys-apps/baselayout-1.12.10-r4: 307K |
39 |
> |
40 |
> It would probably be prudent to have pristine versions of the files |
41 |
> installed on the system (optional) so that you can actually create |
42 |
> binary packages with all the files. |
43 |
|
44 |
being able to generate binary packages that actually reflect the live $ROOT is |
45 |
desirable |
46 |
-mike |