| 1 |
>>> and create executable shell script in that dir: mozilla-firefox-bin.postinst |
| 2 |
>>> ---cut--- |
| 3 |
>>> #!/bin/bash |
| 4 |
>>> ewarn "Running chpax -m /opt/firefox/firefox-bin to avoid crash on flash!" |
| 5 |
>>> chpax -m /opt/firefox/firefox-bin |
| 6 |
>>> ---cut--- |
| 7 |
>>> |
| 8 |
>> |
| 9 |
>> Of course, if you compile firefox instead of using firefox-bin, then file |
| 10 |
>> should be named mozilla-firefox.postinst and you should use there paxctl |
| 11 |
>> instead of chpax. |
| 12 |
>> |
| 13 |
> A simple cron job or slightly-less-simple RBAC policy can do the trick. |
| 14 |
> There's no need to mess with portage, imho. |
| 15 |
|
| 16 |
Thanks for the suggestions everyone. I think this type of persistence |
| 17 |
should be built into portage. Maybe /etc/portage/package.nomprotect. |
| 18 |
Do you agree? Should I file a bug? |
| 19 |
|
| 20 |
- Grant |
Archives