1 |
>>> and create executable shell script in that dir: mozilla-firefox-bin.postinst |
2 |
>>> ---cut--- |
3 |
>>> #!/bin/bash |
4 |
>>> ewarn "Running chpax -m /opt/firefox/firefox-bin to avoid crash on flash!" |
5 |
>>> chpax -m /opt/firefox/firefox-bin |
6 |
>>> ---cut--- |
7 |
>>> |
8 |
>> |
9 |
>> Of course, if you compile firefox instead of using firefox-bin, then file |
10 |
>> should be named mozilla-firefox.postinst and you should use there paxctl |
11 |
>> instead of chpax. |
12 |
>> |
13 |
> A simple cron job or slightly-less-simple RBAC policy can do the trick. |
14 |
> There's no need to mess with portage, imho. |
15 |
|
16 |
Thanks for the suggestions everyone. I think this type of persistence |
17 |
should be built into portage. Maybe /etc/portage/package.nomprotect. |
18 |
Do you agree? Should I file a bug? |
19 |
|
20 |
- Grant |